Lucene search
PatchstackCVE-2024-39653HistoryAug 29, 2024 - 3:15 p.m.
CVE-2024-39653
2024-08-2915:15:27
CWE-89
Patchstack
web.nvd.nist.gov
23
cve-2024-39653
sql injection
vikrentcar e4j s.r.l.
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.001
Percentile
39.7%
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue affects VikRentCar: from n/a through 1.4.0.
Affected configurations
Node
e4jconnectvikrentcarRange<1.4.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| e4jconnect | vikrentcar | * | cpe:2.3:a:e4jconnect:vikrentcar:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "vikrentcar",
"product": "VikRentCar",
"vendor": "E4J s.r.l.",
"versions": [
{
"changes": [
{
"at": "1.4.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.4.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-39653
2024-08-29 15:15:27
cvelist
cvelist
wordfence
wordfence
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.001
Percentile
39.7%
Related for CVE-2024-39653