CVE-2024-9982 – Esi Technology AIM LINE Marketing Platform Unauthenticated Remote Code Injection Vulnerability

CVE ID : CVE-2024-9982

Published : Oct. 15, 2024, 8:15 a.m. | 4 hours, 56 minutes ago

Description : AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query parameter. When the LINE Campaign Module is enabled, unauthenticated remote attackers can inject arbitrary FetchXml commands to read, modify, and delete database content.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-9982

Published : Oct. 15, 2024, 8:15 a.m. | 4 hours, 56 minutes ago

Description : AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query parameter. When the LINE Campaign Module is enabled, unauthenticated remote attackers can inject arbitrary FetchXml commands to read, modify, and delete database content.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…