CVE-2024-39250 | EfroTech Timetrax 8.3 Search Web Interface q sql injection

Inserito da Angelo Barbosa | Lug 23, 2024 | CVE

A vulnerability classified as critical has been found in EfroTech Timetrax 8.3. Affected is an unknown function of the component Search Web Interface. The manipulation of the argument q leads to sql injection.

This vulnerability is traded as CVE-2024-39250. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-39250 | EfroTech Timetrax 8.3 Search Web Interface q sql injection

Post correlati

CVE-2024-40498 | PuneethReddyHC online-shopping-system-advanced 1.0 register.php address1 sql injection

CVE-2024-21501 | sanitize-html up to 2.12.0 Style Attribute information disclosure

CVE-2024-4090 | loating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Plugin Setting cross site scripting

CVE-2024-43884 | Linux Kernel prior 4.3/6.11-rc5 Bluetooth pair_device null pointer dereference (538fd3921afa)