CVE-2024-7897

CVSS V2 None CVSS V3 None
Description
A vulnerability classified as critical has been found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. This affects an unknown part of the file /cgi-bin/tosei_kikai.php. The manipulation of the argument kikaibangou leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Overview
  • CVE ID
  • CVE-2024-7897
  • Assigner
  • VulDB
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-08-17T15:00:06.136Z
  • Last Modified Date
  • 2024-08-17T15:00:06.136Z
References
Reference URL Reference Tags
https://vuldb.com/?id.274905 vdb-entry technical-description
https://vuldb.com/?ctiid.274905 signature permissions-required
https://vuldb.com/?submit.387406 third-party-advisory
https://gist.github.com/b0rgch3n/bb47a1ed6f66c1e8c7a80f210f4ac8ef exploit
History
Created Old Value New Value Data Type Notes
2024-08-18 13:04:03 Added to TrackCVE