AI description
CVE-2024-54820 is a vulnerability identified in XOne Web Monitor version 02.10.2024.530, specifically within framework 1.0.4.9. It involves an SQL injection flaw on the login page. This flaw allows unauthorized attackers to gain access to all stored usernames and passwords through a specifically crafted input. The vulnerability was first detailed by NVD on February 24, 2025. The first article mentioning CVE-2024-54820 was also found on February 24, 2025, by Feedly, referencing the National Vulnerability Database.
- Description
- XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input.
- Source
- cve@mitre.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-89
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
🚨CVE-2024-54820: Vulnerability: Unauthenticated SQL Injection - Clear Credentials Dump https://t.co/RfoIyjZXFP
@DarkWebInformer
24 Feb 2025
2499 Impressions
5 Retweets
14 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2024-54820 XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to e… https://t.co/v8d7THtnxL
@CVEnew
24 Feb 2025
451 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes