CVE-2024-28297

HIGH

AzureSoft MyHorus 4.3.5 - SQL Injection

Title source: llm
STIX 2.1

Description

SQL injection vulnerability in AzureSoft MyHorus 4.3.5 allows authenticated users to execute arbitrary SQL commands via unspecified vectors.

Scores

CVSS v3 7.5
EPSS 0.0038
EPSS Percentile 29.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Published Aug 02, 2024
Tracked Since Feb 18, 2026