CVE-2024-42564 | ERP 44bd04 delete id sql injection

Inserito da Angelo Barbosa | Ago 20, 2024 | CVE

A vulnerability was found in ERP 44bd04. It has been classified as critical. Affected is an unknown function of the file /index.php/basedata/inventory/delete?action=delete. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-42564. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-42564 | ERP 44bd04 delete id sql injection

Post correlati

CVE-2024-26577 | VSeeFace up to 1.13.38.c2 UDP Packet denial of service

CVE-2024-5868 | WooCommerce plugin up to 2.6.2 on WordPress Email Verification random values

CVE-2024-3412 | WP STAGING Backup Plugin up to 3.4.3 on WordPress unrestricted upload

CVE-2023-4509 | Octopus Server prior 2023.4.296/2024.1.437/2024.2.101 API Key log file