Key Information 1. Vulnerability Name: - JINHER NETWORK COLLABORATIVE MANAGEMENT PLATFORM 金和数字化智能办公平台 ACCEPTSHOW.ASPX SQL INJECTION 2. Vulnerability ID: - VDB-283806 - CVE-2024-11060 3. Affected Component: - Jinher Network Collaborative Management Platform 金和数字化智能办公平台 1.0 4. Vulnerability Description: - CVSS Meta Temp Score: 6.0 - Current Vulnerability Price: $0-$5k - CTI Interest Score: 1.78 5. Vulnerability Impact: - CWE-89: SQL Injection - Impact: May lead to compromise of confidentiality, integrity, and availability 6. Vulnerability Disclosure: - Disclosure Date: 2024 - Disclosure Platform: github.com - Vulnerability ID: CVE-2024-11060 - Severity: Critical - Exploit Difficulty: Easy - Remote Exploitation Possible: Yes - Technical Details and Public Exploit: Known - Exploit Tools: Publicly Available - Exploit Type: Proof of Concept 7. Recommended Actions: - Recommendation: Use alternative products Related Links GitHub: github.com CVE ID: CVE-2024-11060 MITRE ATT&CK: T1505 Additional Information Copyright: 1997-2024 vuldb.com, CC BY-NC-SA Version: v18.10.0