CVE-2024-12245

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined.

Description: A blind SQL injection exists in the logout functionality, allowing unauthenticated attackers to exploit it. Using a time-based blind SQLi technique, an attacker can disclose all database contents. This could potentially lead to account takeover, depending on the presence or lack of certain entries in database tables.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.