CVE-2024-29871 | Sentrifugo 3.2 updatecontactnumber id sql injection

Inserito da Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability classified as critical was found in Sentrifugo 3.2. Affected by this vulnerability is an unknown functionality of the file /sentrifugo/index.php/index/getdepartments/sentrifugo/index.php/index/updatecontactnumber. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-29871. The attack can be launched remotely. There is no exploit available.

CVE-2024-29871 | Sentrifugo 3.2 updatecontactnumber id sql injection

Post correlati

CVE-2024-7605 | HelloAsso Plugin up to 1.1.10 on WordPress Options Update authorization

CVE-2023-51456 | DJI Mavic 3 Pro Service Port 10000 v2_pack_array_to_msg memory corruption

CVE-2023-50343 | HCL DRYiCE MyXalytics 5.9/6.0/6.1 API Endpoint access control (KB0109608)

CVE-2024-4976 | Xpdf up to 4.05 AcroForm Field Reference out-of-bounds write