216.73.216.67

CVE-2024-25533

· Published 08/05/2024 17:15 · Modified 08/05/2024 17:15

Labels: CVE-2024-25533 2024-05-08CVE-2024-25533[email protected]

Essential information

Published
08/05/2024 17:15
Modified
08/05/2024 17:15
Author
Creator
CISA KEV
No
CWE

Description

Error messages in RuvarOA v6.01 and v12.01 were discovered to leak the physical path of the website (/WorkFlow/OfficeFileUpdate.aspx). This vulnerability can allow attackers to write files to the server or execute arbitrary commands via crafted SQL statements.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References