Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint.
- https://blog.smithsecurity.biz/craft-cms-unauthenticated-sqli-via-graphql
- https://github.com/gsmith257-cyber/CVE-2024-37843-POC
- https://github.com/nomi-sec/PoC-in-GitHub