CVE-2024-24001

CVE-2024-24001 — jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.Depot

📅 2024-02-07

🔴 Critical 🔥 No NVD Exploit OT/ICS CVSS 9.8 🎯 EPSS 0.06%

📋 الوصف الكامل

jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findallocationDetail() function of jshERP which allows an attacker to construct malicious payload to bypass jshERP's protection mechanism.

💻 الأنظمة المتأثرة

jshERP

⚠️ نوع التهديد

Exploit

🔗 CVE ID

CVE-2024-24001

📡 المصدر

NVD

✅ الحلول والتخفيف

Refer to CVE-2024-24001 NVD advisory

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ←