CVE-2024-37699 | DataLife Engine up to 17.1 dboption sql injection

Posted by Angelo Barbosa | Jun 20, 2024 | CVE

A vulnerability classified as critical has been found in DataLife Engine up to 17.1. This affects an unknown part. The manipulation of the argument dboption leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-37699. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.

CVE-2024-37699 | DataLife Engine up to 17.1 dboption sql injection

Related Posts

CVE-2024-24050 | SourceCodester Workout Journal App 1.0 /add-user.php firstname/lastname cross site scripting

CVE-2024-2221 | Qdrant up to 1.7.x upload unrestricted upload

CVE-2024-47087 | Apex Softcell LD Geo API Endpoint Client ID/DPID/BOID exposure of private personal information to an unauthorized actor (CIVN-2024-0296)

CVE-2024-39348 | Synology Router Manager prior 1.2.5-8227-11/1.3.1-9346-8 AirPrint code download (SA_23_16)