{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-01T23:45:07.210","vulnerabilities":[{"cve":{"id":"CVE-2024-48072","sourceIdentifier":"cve@mitre.org","published":"2024-11-19T18:15:21.437","lastModified":"2026-06-17T07:58:11.190","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Weaver Ecology v9.* was discovered to contain a SQL injection vulnerability via the component /mobilemode/Action.jsp?invoker=com.weaver.formmodel.mobile.mec.servlet.MECAction&action=getFieldTriggerValue&searchField=*&fromTable=HrmResourceManager&whereClause=1%3d1&triggerCondition=1&expression=%3d&fieldValue=1."},{"lang":"es","value":"Se descubrió que Weaver Ecology v9.* contenía una vulnerabilidad de inyección SQL a través del componente /mobilemode/Action.jsp?invoker=com.weaver.formmodel.mobile.mec.servlet.MECAction&amp;action=getFieldTriggerValue&amp;searchField=*&amp;fromTable=HrmResourceManager&amp;whereClause=1%3d1&amp;triggerCondition=1&amp;expression=%3d&amp;fieldValue=1."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"weaver","product":"e-cology","defaultStatus":"unknown","cpes":["cpe:2.3:a:weaver:e-cology:*:*:*:*:*:*:*:*"],"versions":[{"version":"9.*","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-21T16:29:44.569965Z","id":"CVE-2024-48072","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:weaver:e-cology:8.0:*:*:*:*:*:*:*","matchCriteriaId":"A5D2E594-94E1-4497-9CCE-6F5D1A50B242"},{"vulnerable":true,"criteria":"cpe:2.3:a:weaver:e-cology:9.0:*:*:*:*:*:*:*","matchCriteriaId":"076EC640-EC76-442F-968D-B46303DA4DF3"}]}]}],"references":[{"url":"https://gist.github.com/CoinIsMoney/8ca1f2bf2e0399724c698327f2da8579","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/stuven1989/TemporaryGuild/blob/main/files/exp-eng4.pdf","source":"cve@mitre.org","tags":["Broken Link"]}]}}]}