{"uuid": "56d9a71c-9369-494d-ae2e-0fbedd0e0e0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11504", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9349", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11504\n\ud83d\udd25 CVSS Score: 8.6 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Input from multiple fields in\u00a0Streamsoft Presti\u017c is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker.\u00a0\nThis issue was fixed in\u00a018.1.376.37 version of the software.\n\ud83d\udccf Published: 2025-03-28T12:54:11.472Z\n\ud83d\udccf Modified: 2025-03-28T12:54:11.472Z\n\ud83d\udd17 References:\n1. https://cert.pl/en/posts/2025/03/CVE-2024-7407/\n2. https://www.streamsoft.pl/streamsoft-prestiz/", "creation_timestamp": "2025-03-28T13:28:08.000000Z"}