CVE-2020-24841
CRITICALPNPSCADA 2.200816204020 - SQL Injection via 'interf' Parameter in browse.jsp
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-24841. PoCs published by İsmail ERKEK.
AI-analyzed exploit summary This exploit demonstrates an authenticated SQL injection vulnerability in PNPSCADA 2.200816204020 via the 'interf' parameter in /browse.jsp. It includes a time-based blind payload and instructions for using SQLmap to extract database information.
Description
PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Exploits (1)
This exploit demonstrates an authenticated SQL injection vulnerability in PNPSCADA 2.200816204020 via the 'interf' parameter in /browse.jsp. It includes a time-based blind payload and instructions for using SQLmap to extract database information.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H