CVE-2024-12960 | 1000 Projects Portfolio Management System MCA 1.0 /update_edu_details.php q sql injection

Inserito da Angelo Barbosa | Dic 26, 2024 | CVE

A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. This issue affects some unknown processing of the file /update_edu_details.php. The manipulation of the argument q leads to sql injection.

The identification of this vulnerability is CVE-2024-12960. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-12960 | 1000 Projects Portfolio Management System MCA 1.0 /update_edu_details.php q sql injection

Post correlati

CVE-2024-56235 | Coupon Plugin up to 1.2.1 on WordPress cross site scripting

CVE-2024-24748 | Discourse up to 3.2.0/3.3.0.beta1 Subcategory information disclosure

CVE-2024-24130 | Mail2World v12 Business Control Center resellercenter/login.asp Usr cross site scripting

CVE-2024-5741 | Checkmk up to 2.1.0p44/2.2.0p27/2.3.0p6 Inventory Tree Renderer cross site scripting