CVE-2024-6241 | Pear Admin Boot up to 2.0.2 getDictItems sql injection

Posted by Angelo Barbosa | Jun 21, 2024 | CVE

A vulnerability was found in Pear Admin Boot up to 2.0.2 and classified as critical. This issue affects the function getDictItems of the file /system/dictData/getDictItems/. The manipulation with the input ,user(),1,1 leads to sql injection.

The identification of this vulnerability is CVE-2024-6241. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-6241 | Pear Admin Boot up to 2.0.2 getDictItems sql injection

Related Posts

CVE-2024-7621 | Visual Website Collaboration, Feedback & Project Management Plugin Setting authorization

CVE-2024-42443 | Zoom Workplace Desktop App up to 6.1.4 on Linux denial of service

CVE-2024-2068 | SourceCodester Computer Inventory System 1.0 update-computer.php model cross site scripting

CVE-2024-4638 | Moxa OnCell G3470A-LTE up to 1.7.7 Web Key Upload command injection