CVE-2024-12942 | 1000 Projects Portfolio Management System MCA 1.0 /admin/admin_login.php username/password sql injection

Inserito da Angelo Barbosa | Dic 25, 2024 | CVE

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/admin_login.php. The manipulation of the argument username/password leads to sql injection.

This vulnerability is traded as CVE-2024-12942. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-12942 | 1000 Projects Portfolio Management System MCA 1.0 /admin/admin_login.php username/password sql injection

Post correlati

CVE-2024-32666 | Intel RAID Web Console null pointer dereference (intel-sa-00926)

CVE-2024-24308 | Boostmyshop Module up to 1.1.9 on PrestaShop changeOrderCarrier.php sql injection

CVE-2024-3110 | mintplex-labs anything-llm up to 0.x cross site scripting

CVE-2024-2958 | SVS Pricing Tables Plugin up to 1.0.4 on WordPress cross site scripting