CVE-2024-46078 | itsourcecode Sports Management System 1.0 player.php delete_category id sql injection

Inserito da Angelo Barbosa | Ott 4, 2024 | CVE

A vulnerability, which was classified as critical, was found in itsourcecode Sports Management System 1.0. Affected is the function delete_category of the file sports_scheduling/player.php. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-46078. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-46078 | itsourcecode Sports Management System 1.0 player.php delete_category id sql injection

Post correlati

CVE-2021-38120 | OpenText NetIQ Advance Authentication up to 6.3.5.0 command injection

CVE-2023-50711 | vmm-sys-util prior 0.12.0 deserialization

CVE-2023-51489 | Automattic Crowdsignal Dashboard Plugin up to 3.0.11 on WordPress cross-site request forgery

CVE-2023-40236 | Pexip VMR Self-Service Portal up to 2 default key