CVE-2024-10165 | Codezips Sales Management System 1.0 deletecustcom.php id sql injection

Inserito da Angelo Barbosa | Ott 18, 2024 | CVE

A vulnerability was found in Codezips Sales Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file deletecustcom.php. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-10165. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-10165 | Codezips Sales Management System 1.0 deletecustcom.php id sql injection

Post correlati

CVE-2024-38527 | mermaid-js zenuml-core up to 3.23.24 Markdown Comment cross site scripting

CVE-2024-25138 | AutomationDirect C-MORE EA9 HMI up to 6.77 credentials storage (icsa-24-086-01)

CVE-2024-2619 | Elementor Header & Footer Builder Plugin up to 1.6.26 on WordPress cross site scripting

CVE-2024-32848 | Ivanti EPM 2024/up to 2022 SU5 sql injection