CVE-2024-12949 | code-projects Travel Management System 1.0 /package.php subcatid sql injection

Inserito da Angelo Barbosa | Dic 25, 2024 | CVE

A vulnerability was found in code-projects Travel Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /package.php. The manipulation of the argument subcatid leads to sql injection.

This vulnerability was named CVE-2024-12949. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-12949 | code-projects Travel Management System 1.0 /package.php subcatid sql injection

Post correlati

CVE-2024-20071 | MediaTek MT6890/MT6990/MT7622 WLAN Driver out-of-bounds (WCNCR00364733)

CVE-2024-47340 | PickPlugins Post Grid and Gutenberg Blocks Plugin up to 2.2.89 on WordPress cross site scripting

CVE-2023-49707 | joomlart S5 Register Module up to 3.0.0 on Joomla sql injection

CVE-2024-27784 | Fortinet FortiAIOps 2.0.0 API Endpoint log file (FG-IR-24-072)