CVE-2024-31355

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Apr 10, 2024

CWE ID 89

Summary

CVE-2024-31355 is a newly identified SQL Injection vulnerability that affects the Tribulant Slideshow Gallery. The flaw stems from improper neutralization of special elements used in SQL commands. This issue poses a significant risk to Slideshow Gallery versions from n/a through 1.7.8, enabling malicious actors to inject malicious SQL statements and potentially gain unauthorized access to sensitive data or even take control of the affected system. It is crucial for users to update their Slideshow Gallery installations as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vTu-TN
https://www.cve.org/CVERecord?id=CVE-2024-31355
https://nvd.nist.gov/vuln/detail/CVE-2024-31355

Back to Vulnerability Database

CVE-2024-31355

CVSS 3.1 Score 8.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations