CVE-2024-8331

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-8331

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8331.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-8331

Published

2024-08-30T11:15:15.120Z

Modified

2025-11-20T12:31:51.776881Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

References

Affected packages

Git / github.com/openrapid/rapidcms

Affected ranges

Type: GIT
Repo: https://github.com/openrapid/rapidcms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e0ce52452522bbccf72f3c772bb0afe3fc2969d7

Affected versions

1.*

1.3.1

Dev.*

Dev.1.1.6

Dev.1.2.0

Dev.1.2.1

Dev.1.2.2

Dev.1.2.3

Dev.1.2.4

Dev.1.2.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8331.json"