Vulnerability Description
SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through 5.09.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Megabip | Megabip | <= 5.09 |
Related Weaknesses (CWE)
References
- https://cert.pl/en/posts/2024/06/CVE-2024-1576/Third Party Advisory
- https://cert.pl/posts/2024/06/CVE-2024-1576/Third Party Advisory
- https://megabip.pl/Product
- https://www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpiePress/Media Coverage
- https://cert.pl/en/posts/2024/06/CVE-2024-1576/Third Party Advisory
- https://cert.pl/posts/2024/06/CVE-2024-1576/Third Party Advisory
- https://megabip.pl/Product
- https://www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpiePress/Media Coverage
FAQ
What is CVE-2024-1576?
CVE-2024-1576 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator passwo...
How severe is CVE-2024-1576?
CVE-2024-1576 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-1576?
Check the references section above for vendor advisories and patch information. Affected products include: Megabip Megabip.