CVE-2024-6009 | itsourcecode Event Calendar 1.0 process.php regConfirm/regDelete userId sql injection

Inserito da Angelo Barbosa | Giu 14, 2024 | CVE

A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical. Affected by this vulnerability is the function regConfirm/regDelete of the file process.php. The manipulation of the argument userId leads to sql injection.

This vulnerability is known as CVE-2024-6009. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-6009 | itsourcecode Event Calendar 1.0 process.php regConfirm/regDelete userId sql injection

Post correlati

CVE-2024-0564 | Linux Kernel up to 5.15.0-58 KSM memory corruption

CVE-2024-42242 | Linux Kernel up to 6.9.9 sdhci blk_queue_max_segment_size memory corruption (bf78b1accef4/63d20a94f24f)

CVE-2024-7076 | Semtek Sempos up to 31072024 sql injection

CVE-2024-38344 | Sola Plugins WP Tweet Walls up to 1.0.3 on WordPress cross-site request forgery