7May
CVE-2024-25512 | RuvarOA 6.01/12.01 AttachDownLoad.aspx attach_id sql injection
A vulnerability was found in RuvarOA 6.01/12.01. It has been classified as critical. This affects an unknown part of the file /Bulletin/AttachDownLoad.aspx. The manipulation of the argument attach_id leads to sql injection. This vulnerability is uniquely identified as CVE-2024-25512. It is possible to initiate the attack remotely. There is no exploit available.