CVE-2024-30163 | Invision Community up to 4.7.15 store.php _store::_categoryView filter sql injection

Inserito da Angelo Barbosa | Apr 14, 2024 | CVE

A vulnerability was found in Invision Community up to 4.7.15 and classified as critical. This issue affects the function _store::_categoryView of the file /applications/nexus/modules/front/store/store.php. The manipulation of the argument filter leads to sql injection.

The identification of this vulnerability is CVE-2024-30163. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-30163 | Invision Community up to 4.7.15 store.php _store::_categoryView filter sql injection

Post correlati

CVE-2024-25515 | RuvarOA 6.01/12.01 wf_work_finish_file_down.aspx sys_file_storage_id sql injection

CVE-2023-27636 | Progress Sitefinity CMS up to 14.x SF Editor cross site scripting

CVE-2021-47177 | Linux Kernel up to 5.12.8 vt-d alloc_iommu memory leak

CVE-2024-5671 | Trellix Intrusion Prevention System Manager prior 11.1.x deserialization