CVE-2024-0307 | Kashipara Dynamic Lab Management System up to 1.0 login_process.php password sql injection

Inserito da Angelo Barbosa | Gen 7, 2024 | CVE

A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login_process.php. The manipulation of the argument password leads to sql injection.

This vulnerability was named CVE-2024-0307. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0307 | Kashipara Dynamic Lab Management System up to 1.0 login_process.php password sql injection

Post correlati

CVE-2023-48424 | Google Android U-Boot Shell Privilege Escalation

CVE-2023-43116 | Buildkite Elastic CI for AWS up to 5.22.4/6.7.0 PIPELINE_PATH symlink (ATREDIS-2023-0003)

CVE-2023-45847 | Mattermost up to 8.1.5/9.0.3/9.1.2/9.2.1 Playbooks Plugin resource consumption

CVE-2024-34472 | HSC Mailinspector up to 5.2.18 POST Request mliRealtimeEmails.php ordemGrid sql injection