CVE-2024-40560

Tmall_demo before v2024.07.03 was discovered to contain a SQL injection vulnerability.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
mitreCNA
---
---
CISA-ADPADP
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
VendorProductVersion
project_teamtmall_demo
𝑥
< 2024-07-03
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gitee.com/project_team/Tmall_demo/issues/IAAOT1
https://gitee.com/project_team/Tmall_demo/issues/IAAOT1