2Tem
CVE-2024-6438 | Hitout Carsale 1.0 OrderController.java orderBy sql injection (Issue 23)
A vulnerability has been found in Hitout Carsale 1.0 and classified as critical. This vulnerability affects unknown code of the file OrderController.java. The manipulation of the argument orderBy leads to sql injection. This vulnerability was named CVE-2024-6438. The attack can be initiated remotely. Furthermore, there is an exploit available.