CVE-2024-29432 | Alldata 0.4.6 /data/masterdata/datas tablename sql injection

Inserito da Angelo Barbosa | Apr 3, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Alldata 0.4.6. Affected by this issue is some unknown functionality of the file /data/masterdata/datas. The manipulation of the argument tablename leads to sql injection.

This vulnerability is handled as CVE-2024-29432. The attack may be launched remotely. There is no exploit available.

CVE-2024-29432 | Alldata 0.4.6 /data/masterdata/datas tablename sql injection

Post correlati

CVE-2023-6654 | PHPEMS 6.x/7.0 Session Data lib/session.cls.php deserialization

CVE-2024-0874 | CoreDNS CD Bit Response access control

CVE-2024-34955 | code-projects Budget Management 1.0 delete sql injection

CVE-2024-29804 | Team Heateor Fancy Comments Plugin up to 1.2.14 on WordPress cross site scripting