CVE-2024-40560

EUVD-2024-38524
Tmall_demo before v2024.07.03 was discovered to contain a SQL injection vulnerability.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA-ADPADP
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
project_teamtmall_demo
𝑥
< 2024-07-03
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gitee.com/project_team/Tmall_demo/issues/IAAOT1
https://gitee.com/project_team/Tmall_demo/issues/IAAOT1