CVE-2024-12959 | 1000 Projects Portfolio Management System MCA 1.0 update_personal_details.php q sql injection

Posted by Angelo Barbosa | Dec 26, 2024 | CVE

A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.0. This vulnerability affects unknown code of the file /update_personal_details.php. The manipulation of the argument q leads to sql injection.

This vulnerability was named CVE-2024-12959. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-12959 | 1000 Projects Portfolio Management System MCA 1.0 update_personal_details.php q sql injection

Related Posts

CVE-2024-23848 | Linux Kernel up to 6.7.1 cec-adap.c cec_queue_msg_fh use after free

CVE-2024-28752 | Apache CXF up to 3.5.7/3.6.2/4.0.3 Aegis Databinding server-side request forgery

CVE-2024-36278 | OpenHarmony up to 4.0.1 type confusion

CVE-2024-52592 | Misskey up to 2024.11.0-alpha.2 ApInboxService.update access control (GHSA-5h8r-gq97-xv69)