CVE-2024-27956

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.

NVD
Severity: N/A
CVE ID: CVE-2024-27956
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.

Patchstack
Severity: CRITICAL
CVE ID: CVE-2024-27956
CVSS Score: 9.9
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2024-27956

Refrence: Project Discovery GitHub

truonghuuphuc

Refrence: GitHub

diego-tella

PoC for wordpress takeover in CVE-2024-27956

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept