CVE-2024-22626 | Complete Supplier Management System 1.0 edit_retailer.php id sql injection

Inserito da Angelo Barbosa | Gen 16, 2024 | CVE

A vulnerability has been found in Complete Supplier Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /Supply_Management_System/admin/edit_retailer.php. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-22626. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-22626 | Complete Supplier Management System 1.0 edit_retailer.php id sql injection

Post correlati

CVE-2024-3186 | EmbedThis GoAhead up to 6.0.0 Javascript Template evalExpr null pointer dereference

CVE-2024-27333 | Kofax Power PDF GIF File Parser out-of-bounds

CVE-2022-48759 | Linux Kernel up to 5.16.4 lib/debugobjects.c rpmsg_ctrldev_release_device state issue

CVE-2021-47152 | Linux Kernel up to 5.10.41/5.12.8 MPTCP Protocol mptcp_frag_can_collapse_to allocation of resources (3267a061096e/18e7f0580da1/29249eac5225)