CVE-2024-50658 | AdPortal 3.0.39 Template updateuserinfo.html shippingAsBilling/firstname injection

Inserito da Angelo Barbosa | Gen 7, 2025 | CVE

A vulnerability, which was classified as critical, has been found in AdPortal 3.0.39. Affected by this issue is some unknown functionality of the file updateuserinfo.html of the component Template Handler. The manipulation of the argument shippingAsBilling/firstname leads to injection.

This vulnerability is handled as CVE-2024-50658. The attack may be launched remotely. There is no exploit available.

CVE-2024-50658 | AdPortal 3.0.39 Template updateuserinfo.html shippingAsBilling/firstname injection

Post correlati

CVE-2023-49335 | Zoho ManageEngine ADAudit Plus up to 7270 File Server Detail sql injection

CVE-2024-6596 | Endress+Hauser Field Xpert SMT79 code injection (VDE-2024-041)

CVE-2024-9809 | SourceCodester Online Eyewear Shop 1.0 Master.php delete_product id sql injection

CVE-2024-23725 | Ghost up to 5.75.x Post Summary excerpt.js cross site scripting