CVE-2024-37843
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-37843
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
CraftCMS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CraftCMS是CraftCMS公司的一个内容管理系统。 CraftCMS v3.7.31版本及之前版本存在安全漏洞。攻击者利用该漏洞通过 GraphQL API 端点执行 SQL 注入攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2024-37843
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | POC for CVE-2024-37843. Craft CMS time-based blind SQLi | https://github.com/gsmith257-cyber/CVE-2024-37843-POC | POC Details |
| 2 | Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-37843.yaml | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-37843
请登录查看更多情报信息。
Same Patch Batch · n/a · 2024-06-25 · 17 CVEs total
| CVE-2024-37085 | 6.8 MEDIUM | VMware ESXi 安全漏洞 |
| CVE-2024-37086 | 6.8 MEDIUM | VMware ESXi 安全漏洞 |
| CVE-2024-37087 | 5.3 MEDIUM | VMware vCenter Server 安全漏洞 |
| CVE-2024-38952 | PX4 Drone Autopilot 安全漏洞 | |
| CVE-2024-38951 | PX4 Drone Autopilot 安全漏洞 | |
| CVE-2024-35527 | FarCry Core Framework 安全漏洞 | |
| CVE-2024-35526 | FarCry Core Framework 安全漏洞 | |
| CVE-2024-30931 | Emby 安全漏洞 | |
| CVE-2024-21739 | Geehy APM32 安全漏洞 | |
| CVE-2024-21741 | GigaDevice GD32E103C8T6 安全漏洞 | |
| CVE-2024-21740 | Artery AT32F415CBT7和AT32F421C8T7 安全漏洞 | |
| CVE-2024-37855 | Nepstech Router 安全漏洞 | |
| CVE-2024-37742 | Safe Exam Browser 安全漏洞 | |
| CVE-2024-37820 | PingCAP TiDB 安全漏洞 | |
| CVE-2024-36819 | MAPOS 安全漏洞 | |
| CVE-2024-34400 | Boa和Web 安全漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2024-37843
No comments yet