CVE-2024-1924 | CodeAstro Membership Management System 1.0 get_membership_amount.php membershipTypeId sql injection

Inserito da Angelo Barbosa | Feb 27, 2024 | CVE

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /get_membership_amount.php. The manipulation of the argument membershipTypeId leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-1924. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-1924 | CodeAstro Membership Management System 1.0 get_membership_amount.php membershipTypeId sql injection

Post correlati

CVE-2024-0778 | Uniview ISC 2500-S up to 20210930 VM.php setNatConfig natAddress/natPort/natServerPort os command injection

CVE-2024-31041 | NanoMQ 0.21.7 mqtt_parser.c topic_filtern null pointer dereference

CVE-2022-48619 | Linux Kernel up to 5.17.9 Bitmap drivers/input/input.c input_set_capability denial of service

CVE-2024-4924 | Social Sharing Plugin up to 3.3.62 on WordPress Setting cross site scripting