CVE-2024-29876 | Sentrifugo 3.2 activitylogreport sortby sql injection

Inserito da Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability was found in Sentrifugo 3.2. It has been classified as critical. Affected is an unknown function of the file /sentrifugo/index.php/reports/activitylogreport. The manipulation of the argument sortby leads to sql injection.

This vulnerability is traded as CVE-2024-29876. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-29876 | Sentrifugo 3.2 activitylogreport sortby sql injection

Post correlati

CVE-2024-2389 | Progress Flowmon up to 11.1.13/12.3.4 Management Interface os command injection

CVE-2016-15038 | NUUO NVRmini 2 up to 3.0.8 /deletefile.php filename path traversal (Exploit 40214)

CVE-2023-48694 | azure-rtos usbx up to 6.2.1 type confusion (GHSA-qjw8-7w86-44qj)

CVE-2023-6827 | Essential Real Estate Plugin up to 4.3.5 on WordPress unrestricted upload