CVE-2024-54261 | THREATINT

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through 1.1.2.

PUBLISHED Reserved 2024-12-02 | Published 2024-12-13 | Updated 2024-12-13 | Assigner Patchstack

CRITICAL: 10.0CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Product status

Default status

unaffected

Any version

affected

Credits

stealthcopter (Patchstack Alliance) finder

References

patchstack.com/...-1-2-sql-injection-vulnerability?_s_id=cve vdb-entry

cve.org (CVE-2024-54261)

nvd.nist.gov (CVE-2024-54261)