7May
CVE-2024-25514 | RuvarOA 6.01/12.01 wf_template_child_field_list.aspx template_id sql injection
A vulnerability classified as critical has been found in RuvarOA 6.01/12.01. This affects an unknown part of the file /SysManage/wf_template_child_field_list.aspx. The manipulation of the argument template_id leads to sql injection. This vulnerability is uniquely identified as CVE-2024-25514. It is possible to initiate the attack remotely. There is no exploit available.