Unrated severityNVD Advisory· Published Jun 12, 2024· Updated Aug 1, 2024

SQL Injection in MegaBIP

CVE-2024-1576

Description

SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through 5.09.

Affected products

Megabip/Megabipllm-fuzzy
Range: <=5.09
Jan Syski/MegaBIPv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert.pl/en/posts/2024/06/CVE-2024-1576/mitrethird-party-advisory
cert.pl/posts/2024/06/CVE-2024-1576/mitrethird-party-advisory
megabip.plmitreproduct
www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpieczenstwa-dotyczaca-biuletynow-informacji-publicznejmitregovernment-resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000