Lucene search
WPScanCVELIST:CVE-2021-24741HistorySep 20, 2021 - 10:06 a.m.
CVE-2021-24741 Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections
2021-09-2010:06:51
CWE-89
WPScan
www.cve.org
4
cve-2021-24741
support board
wordpress
unauthenticated
sql injections
EPSS
0.002
Percentile
58.0%
The Support Board WordPress plugin before 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id) before using them in SQL statements, leading to SQL injections which are exploitable by unauthenticated users.
CNA Affected
[
{
"product": "Support Board",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.3.4",
"status": "affected",
"version": "3.3.4",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections
2021-09-03 00:00:00
prion
prion
Sql injection
2021-09-20 10:15:00
wpexploit
wpexploit
Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections
2021-09-03 00:00:00
cve
cve
CVE-2021-24741
2021-09-20 10:15:09
checkpoint_advisories
checkpoint_advisories
WordPress Support Board Plugin SQL Injection (CVE-2021-24741)
2021-10-10 00:00:00
githubexploit
githubexploit
Exploit for SQL Injection in Schiocco Support Board - Chat And Help Desk
2021-08-28 18:34:40
patchstack
patchstack
nvd
nvd
CVE-2021-24741
2021-09-20 10:15:09