AI description
CVE-2024-55460 is a time-based SQL injection vulnerability found in the login page of BoardRoom Limited Dividend Distribution Tax Election System version 2.0. Exploitation of this vulnerability allows attackers to execute arbitrary code by manipulating input provided to the login page. This vulnerability was published on 2025-02-19. More information can be found at `https://sgsrs.boardroomlimited.com/taxelection/login.aspx` and `https://github.com/Ap0k4L1p5/CVE-research/tree/master/CVE-2024-55460`. Please note that as of today, February 24, 2025, this vulnerability is awaiting further analysis.
- Description
- A time-based SQL injection vulnerability in the login page of BoardRoom Limited Dividend Distribution Tax Election System Version v2.0 allows attackers to execute arbitrary code via a crafted input.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-89
- Hype score
- Not currently trending
Time-based SQLi led to RCE using Out of Band (OAST) Technique (CVE-2024-55460). Details: https://t.co/6LkruucSPl p/s: My first ever CVE published. Thanks to @RempahRz for the guidance and insight of publishing this hehe
@Ap0k4L1p5
21 Feb 2025
1364 Impressions
13 Retweets
37 Likes
4 Bookmarks
12 Replies
0 Quotes
CVE-2024-55460 A time-based SQL injection vulnerability in the login page of BoardRoom Limited Dividend Distribution Tax Election System Version v2.0 allows attackers to execute arb… https://t.co/4bX6yPpSgo
@CVEnew
18 Feb 2025
222 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes