CVE-2024-6009 | itsourcecode Event Calendar 1.0 process.php regConfirm/regDelete userId sql injection

Inserito da Angelo Barbosa | Giu 14, 2024 | CVE

A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical. Affected by this vulnerability is the function regConfirm/regDelete of the file process.php. The manipulation of the argument userId leads to sql injection.

This vulnerability is known as CVE-2024-6009. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-6009 | itsourcecode Event Calendar 1.0 process.php regConfirm/regDelete userId sql injection

Post correlati

CVE-2024-9810 | SourceCodester Record Management System 1.0 sort2_user.php qualification cross site scripting

CVE-2024-49257 | Denis Azz Anonim Posting Plugin up to 0.9 on WordPress unrestricted upload

CVE-2024-1151 | Linux Kernel up to 6.8-rc3 Open vSwitch Sub-Component stack-based overflow

CVE-2023-28869 | NCP Secure Enterprise Client up to 12.21 symlink (usd-2022-0003)