Vulnerabilities

CVE-2024-9982

by Fred · 15/10/2024

AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query parameter. When the LINE Campaign Module is enabled, unauthenticated remote attackers can inject arbitrary FetchXml commands to read, modify, and delete database content.

More information : https://www.twcert.org.tw/en/cp-139-8147-eb650-2.html

Similar

Tags: Cybersecurity Alert