CVE-2024-30163 | Invision Community up to 4.7.15 store.php _store::_categoryView filter sql injection

Inserito da Angelo Barbosa | Apr 14, 2024 | CVE

A vulnerability was found in Invision Community up to 4.7.15 and classified as critical. This issue affects the function _store::_categoryView of the file /applications/nexus/modules/front/store/store.php. The manipulation of the argument filter leads to sql injection.

The identification of this vulnerability is CVE-2024-30163. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-30163 | Invision Community up to 4.7.15 store.php _store::_categoryView filter sql injection

Post correlati

CVE-2024-41744 | IBM CICS TX Standard 11.1 cross-site request forgery

CVE-2024-34152 | Mattermost up to 8.1.12/9.5.3/9.6.1 GraphQL Query access control

CVE-2024-0306 | Kashipara Dynamic Lab Management System up to 1.0 admin_login_process.php admin_password sql injection

CVE-2024-4080 | NI LabVIEW up to 24.1 VI tdcore.dll memory corruption