CVE-2024-12965 | 1000 Projects Portfolio Management System MCA 1.0 /update_ex_detail.php q sql injection

Posted by Angelo Barbosa | Dec 26, 2024 | CVE

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /update_ex_detail.php. The manipulation of the argument q leads to sql injection.

This vulnerability was named CVE-2024-12965. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-12965 | 1000 Projects Portfolio Management System MCA 1.0 /update_ex_detail.php q sql injection

Related Posts

CVE-2024-43188 | IBM Business Automation Workflow 22.0.2/23.0.1/23.0.2/24.0.0 client-side enforcement of server-side security

CVE-2024-44778 | vTiger CRM 7.4.0 parent cross site scripting

CVE-2023-48183 | QuickJS build_for_in_iterator null pointer dereference (Issue 192)

CVE-2024-35384 | Cesanta mjs 2.20.0 mjs.c mjs_array_length denial of service