CVE-2024-7105 | ForIP Tecnologia Administração PABX 1.x Lista Ura Page /detalheIdUra id sql injection

Inserito da Angelo Barbosa | Lug 25, 2024 | CVE

A vulnerability classified as critical has been found in ForIP Tecnologia Administração PABX 1.x. Affected is an unknown function of the file /detalheIdUra of the component Lista Ura Page. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-7105. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7105 | ForIP Tecnologia Administração PABX 1.x Lista Ura Page /detalheIdUra id sql injection

Post correlati

CVE-2023-6776 | 3D Flipbook Plugin up to 1.15.2 on WordPress Ready cross site scripting

CVE-2024-25675 | MISP up to 2.4.183 Export Generation JobsController.php information disclosure

CVE-2024-40116 | Solar-Log 1000 prior 2.8.2 export.html cleartext storage

CVE-2023-43556 | Qualcomm Snapdragon Auto Hypervisor buffer overflow