CVE-2024-11051

CVSS V2 None CVSS V3 None

Description

A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Overview

CVE ID
CVE-2024-11051

Assigner
VulDB

Vulnerability Status
PUBLISHED

Published Version
2024-11-10T07:31:06.746Z

Last Modified Date
2024-11-10T07:31:06.746Z

Weakness Enumerations

CWE	URL
CWE-89	http://cwe.mitre.org/data/definitions/89.html
CWE-74	http://cwe.mitre.org/data/definitions/74.html

References

Reference URL	Reference Tags
https://vuldb.com/?id.283794	vdb-entry technical-description
https://vuldb.com/?ctiid.283794	signature permissions-required
https://vuldb.com/?submit.432691	third-party-advisory
https://wiki.shikangsi.com/post/share/ab8e6804-5c8e-442b-8a37-c6b376bcc86f	exploit

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-11051
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11051

History

Created	Old Value	New Value	Data Type	Notes
2024-11-11 13:19:10				Added to TrackCVE