CVE-2024-30239

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Mar 28, 2024

CWE ID 89

Summary

CVE-2024-30239 is an SQL injection vulnerability affecting Zoho Campaigns versions 2.0.6 and below. Hackers can exploit this weakness by introducing malicious SQL statements into inputs, potentially gaining unauthorized access to sensitive information or even complete system takeover. The issue arises due to improper neutralization of special elements used in SQL commands, posing a significant risk to all impacted users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vEIEum
https://www.cve.org/CVERecord?id=CVE-2024-30239
https://nvd.nist.gov/vuln/detail/CVE-2024-30239

Back to Vulnerability Database

CVE-2024-30239

CVSS 3.1 Score 8.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations