CVE-2024-29726 | SportsNET 4.0.1 /app/ax/setAsRead/ id sql injection

Posted by Angelo Barbosa | Aug 29, 2024 | CVE

A vulnerability was found in SportsNET 4.0.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /app/ax/setAsRead/. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-29726. The attack can be launched remotely. There is no exploit available.

CVE-2024-29726 | SportsNET 4.0.1 /app/ax/setAsRead/ id sql injection

Related Posts

CVE-2024-34824 | ThemeBoy SportsPress Plugin up to 2.7.20 on WordPress authorization

CVE-2021-47047 | Linux Kernel up to 5.10.36/5.11.20/5.12.3 spi-zynqmp-gqspi dma_map_single buffer overflow

CVE-2024-41624 | Himalaya Xiaoya Nano Smart Speaker 1.6.96 rom_version access control

CVE-2024-42249 | Linux Kernel up to 6.9.9 spi_async information disclosure (8b9af6d67517/c86a918b1bdb)