CVE-2024-33444

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-33444

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-33444.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-33444

Published

2024-04-29T17:15:19Z

Modified

2025-04-17T11:04:30.580510Z

Summary

[none]

Details

SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component.

References

https://gist.github.com/LioTree/1971a489dd5ff619b89e7a9e1da91152
https://github.com/liu21st/onethink/issues/39
https://github.com/liu21st/onethink

Affected packages

Git / github.com/liu21st/onethink

Affected ranges

Type: GIT
Repo: https://github.com/liu21st/onethink
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

fdf545040be97ab7bd925d2187a8d148f6308ae9

Affected versions

1.*

1.1开发版