CVE-2024-31356SQL Injection in Infotech User Activity LOG

CWE-89SQL Injection4 documents4 sources
Severity
7.6HIGHNVD
EPSS
0.3%
top 45.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Solwin Infotech User Activity LOG
Timeline
PublishedApr 10
Latest updateJun 9

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log.This issue affects User Activity Log: from n/a through 1.8.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:LExploitability: 2.3 | Impact: 4.7

Affected Packages1 packages

CVEListV5solwin_infotech/user_activity_logn/a1.8

🔴Vulnerability Details

3
OSV
amd64-microcode vulnerabilities2025-06-09
GHSA
GHSA-3fmq-xqpg-7wmg: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log2024-04-10
CVEList
WordPress User Activity Log plugin <= 1.8 - Auth. SQL Injection vulnerability2024-04-10
CVE-2024-31356 — SQL Injection | cvebase