CVE-2024-0733 | Smsot up to 2.12 HTTP POST Request /api.php data[sign] sql injection

Inserito da Angelo Barbosa | Gen 19, 2024 | CVE

A vulnerability was found in Smsot up to 2.12. It has been classified as critical. Affected is an unknown function of the file /api.php of the component HTTP POST Request Handler. The manipulation of the argument data[sign] leads to sql injection.

This vulnerability is traded as CVE-2024-0733. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-0733 | Smsot up to 2.12 HTTP POST Request /api.php data[sign] sql injection

Post correlati

CVE-2024-6936 | formtools.org Form Tools 3.1.1 Setting index.php Page Theme code injection

CVE-2023-45925 | GNU Midnight Commander 4.8.29-146-g299d9a2fb /tty/x11conn.c x_error_handler memory corruption

CVE-2023-47712 | IBM Security Guardium 11.3/11.4/11.5/12.0 improper ownership management (XFDB-271527)

CVE-2024-0533 | Tenda A15 15.13.07.13 Web-based Management Interface /goform/SetOnlineDevName devName stack-based overflow