CVE-2024-8335 | OpenRapid RapidCMS up to 1.3.1 /resource/runlogon.php username sql injection

Inserito da Angelo Barbosa | Ago 30, 2024 | CVE

A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username leads to sql injection.

This vulnerability is traded as CVE-2024-8335. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-8335 | OpenRapid RapidCMS up to 1.3.1 /resource/runlogon.php username sql injection

Post correlati

CVE-2024-5379 | JFinalCMS up to 20240111 /admin/template directory cross site scripting (I8VHGR)

CVE-2024-38479 | Apache Traffic Server up to 9.2.5 Cache Key Plugin

CVE-2024-24813 | Frappe up to 14.63.x Whitelist sql injection

CVE-2024-29829 | Ivanti Endpoint Manager GetLogFileRulesSQL sql injection