CVE-2024-39072

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-39072
AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendar_remind.php.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://gist.github.com/Y5neKO/4c15581606c118aa2172afd3b8b74328 Broken Link
https://gist.github.com/Y5neKO/4c15581606c118aa2172afd3b8b74328 Broken Link
Configurations

Configuration 1 (hide)

cpe:2.3:a:amttgroup:hibos:3.0.3.151204:*:*:*:*:*:*:*
History

No history.

Information

Published : 2024-07-09 21:15

Updated : 2025-10-17 17:03

NVD link : CVE-2024-39072

Mitre link : CVE-2024-39072

CVE.ORG link : CVE-2024-39072

JSON object : View

Products Affected

amttgroup

  • hibos
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')