CVE-2024-9788 | LyLme_spage 1.9.5 /admin/tag.php id sql injection

Inserito da Angelo Barbosa | Ott 10, 2024 | CVE

A vulnerability has been found in LyLme_spage 1.9.5 and classified as critical. This vulnerability affects unknown code of the file /admin/tag.php. The manipulation of the argument id leads to sql injection.

This vulnerability was named CVE-2024-9788. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-9788 | LyLme_spage 1.9.5 /admin/tag.php id sql injection

Post correlati

CVE-2024-22426 | Dell RecoverPoint for Virtual Machines up to 5.3 SP3 P2 os command injection (dsa-2024-092)

CVE-2023-46143 | Phoenix Contact Automation Worx Software Suite all code download (VDE-2023-057)

CVE-2024-42813 | TRENDnet TEW-752DRU 1.03B01 gena.cgi service buffer overflow

CVE-2023-6591 | Popup Box Plugin up to 20.8.x on WordPress Setting cross site scripting