CVE-2024-34472

Published: May 6, 2024

Modified: Nov 25, 2025

PUBLISHED

Description

An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An authenticated blind SQL injection vulnerability exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to /mailinspector/mliRealtimeEmails.php does not properly sanitize input, allowing an authenticated attacker to execute arbitrary SQL commands, leading to the potential disclosure of the entire application database.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/osvaldotenorio/CVE-2024-34472

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-34472

Description

Affected Products

References