How severe is CVE-2024-10841?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2024-10841?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2024-10841 - MEDIUM Severity | CVSS 8

Vulnerability Description

A vulnerability classified as critical was found in romadebrian WEB-Sekolah 1.0. Affected by this vulnerability is an unknown functionality of the file /Proses_Kirim.php of the component Mail Handler. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Related Vulnerabilities

CVE-2020-23050

HIGH

CVSS:8.0(High)

TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attac...

CWE-742020

CVE-2021-0594

HIGH

CVSS:8.0(High)

In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an...

CWE-742021

CVE-2021-28829

HIGH

CVSS:8.0(High)

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for ...

CWE-742021

CVE-2021-41390

HIGH

CVSS:8.0(High)

In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection.

CWE-742021

CVE-2023-48709

HIGH

CVSS:8.0(High)

iTop is an IT service management platform. When exporting data from backoffice or portal in CSV or Excel files, users' inputs may include malicious formulas that may be imported into Excel. As Excel 2...

CWE-742023

CVE-2025-2725

HIGH

CVSS:8.0(High)

A vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected by this vulnerability is an unknown functionalit...

CWE-742025