CVE-2024-6970 | itsourcecode Tailoring Management System 1.0 /staffcatadd.php title sql injection

Inserito da Angelo Barbosa | Lug 21, 2024 | CVE

A vulnerability classified as critical has been found in itsourcecode Tailoring Management System 1.0. Affected is an unknown function of the file /staffcatadd.php. The manipulation of the argument title leads to sql injection.

This vulnerability is traded as CVE-2024-6970. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-6970 | itsourcecode Tailoring Management System 1.0 /staffcatadd.php title sql injection

Post correlati

CVE-2024-7552 | DataGear up to 5.0.0 Data Schema Page ConversionSqlParamValueMapper.java evaluateVariableExpression expression language injection (IAF3H7)

CVE-2024-2200 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_subject cross site scripting

CVE-2024-50623 | Cleo Harmony/VLTrader/LexiCom up to 5.8.0.19 cross site scripting

CVE-2023-50070 | SourceCodester Customer Support System 1.0 ajax.php department_id/customer_id/subject sql injection