CVE advisoryCRITICAL
CVE-2024-37858
Lost and Found Information System 1.0 SQL Injection Privilege Escalation
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A critical SQL injection vulnerability exists in the Lost and Found Information System, potentially allowing unauthenticated remote attackers to escalate privileges by manipulating a parameter. This could lead to unauthorized access and modification of system data. Given its network accessibility, understanding the sys