CVE-2024-0479 | Taokeyun up to 1.0.5 HTTP POST Request User.php login username sql injection

Inserito da Angelo Barbosa | Gen 12, 2024 | CVE

A vulnerability was found in Taokeyun up to 1.0.5. It has been classified as critical. Affected is the function login of the file application/index/controller/m/User.php of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection.

This vulnerability is traded as CVE-2024-0479. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-0479 | Taokeyun up to 1.0.5 HTTP POST Request User.php login username sql injection

Post correlati

CVE-2023-51750 | ScaleFusion 10.5.2 File Download Privilege Escalation

CVE-2024-28699 | pdf2json 0.70 ImgOutputDev buffer overflow

CVE-2024-40475 | SourceCodester Best House Rental Management System 1.0 payment_report.php access control

CVE-2024-44093 | Google Android drm/code/drm_fw.c ppmp_unprotect_buf memory corruption