CVE-2019-25159 | mpedraza2020 Intranet del Monterroso up to 4.50.0 config/cargos.php dni_profe sql injection

Inserito da Angelo Barbosa | Feb 2, 2024 | CVE

A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been classified as critical. This affects an unknown part of the file config/cargos.php. The manipulation of the argument dni_profe leads to sql injection.

This vulnerability is uniquely identified as CVE-2019-25159. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2019-25159 | mpedraza2020 Intranet del Monterroso up to 4.50.0 config/cargos.php dni_profe sql injection

Post correlati

CVE-2024-29489 | Jerryscript 2.4.0 ecma-helpers.c ecma_get_object_type memory corruption (Issue 5101)

CVE-2024-46647 | eNMS up to 4.7.1 upload_files path traversal

CVE-2024-31137 | JetBrains TeamCity prior 2024.03 Space Connection Configuration cross site scripting

CVE-2022-41695 | SedLex Traffic Manager Plugin up to 1.4.5 on WordPress authorization