CVE Published: 28/11/2024 |
CVE Updated: 28/11/2024 |
CVE Year: 2024 Source: Patchstack |
Vendor: Eniture Technology |
Product: Distance Based Shipping Calculator Status : PUBLISHED
CVE-2024-52495 Description
Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Eniture Technology Distance Based Shipping Calculator allows SQL Injection.This issue affects Distance Based Shipping Calculator: from n/a through 2.0.21.
Metrics
CVSS Version: 3.1 |
Base Score: 8.5 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L