CVE-2024-29872 | Sentrifugo 3.2 add agencyids sql injection

Posted by Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability was found in Sentrifugo 3.2. It has been rated as critical. This issue affects some unknown processing of the file through /sentrifugo/index.php/empscreening/add. The manipulation of the argument agencyids leads to sql injection.

The identification of this vulnerability is CVE-2024-29872. The attack may be initiated remotely. There is no exploit available.

CVE-2024-29872 | Sentrifugo 3.2 add agencyids sql injection

Related Posts

CVE-2024-37165 | Discourse up to 3.2.2/3.3.0.beta2 Onebox Data cross site scripting

CVE-2024-4071 | Kashipara Online Furniture Shopping Ecommerce Website 1.0 prodInfo.php prodId sql injection

CVE-2024-27333 | Kofax Power PDF GIF File Parser out-of-bounds

CVE-2024-4150 | Simple Basic Contact Form Plugin up to 20221201 on WordPress cross site scripting