Unrated severityNVD Advisory· Published Apr 12, 2024· Updated Aug 1, 2024

SQL Injection vulnerability in OpenGnsys

CVE-2024-3704

Description

SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d (Espeto). This vulnerability allows an attacker to inject malicious SQL code into login page to bypass it or even retrieve all the information stored in the database.

Affected products

Opengnsys/Opengnsysv5
Range: 1.1.1d

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

opengnsys.es/web/parche-de-seguridad-cve-2024-370xmitrepatch
www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-opengnsysmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000