CVE-2024-8945 | CodeCanyon RISE Ultimate Project Manager 3.7.0 save id sql injection

Inserito da Angelo Barbosa | Set 17, 2024 | CVE

A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified as critical. This vulnerability affects unknown code of the file /index.php/dashboard/save. The manipulation of the argument id leads to sql injection.

This vulnerability was named CVE-2024-8945. The attack can be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2024-8945 | CodeCanyon RISE Ultimate Project Manager 3.7.0 save id sql injection

Post correlati

CVE-2023-44251 | Fortinet FortiWAN up to 5.1.2/5.2.1 HTTP Request path traversal (FG-IR-23-265)

CVE-2024-45299 | alfio-event alf.io up to 2.0-M4 Content Security Policy escape output (GHSA-mcx6-25f8-8rqw)

CVE-2024-31279 | Catch Plugins Generate Child Theme up to 2.0 on WordPress cross-site request forgery

CVE-2024-34509 | DCMTK up to 3.6.8 dcmdata memory corruption