CVE-2024-12961 | 1000 Projects Portfolio Management System MCA 1.0 /update_ach_details.php q sql injection

Posted by Angelo Barbosa | Dec 26, 2024 | CVE

A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. Affected is an unknown function of the file /update_ach_details.php. The manipulation of the argument q leads to sql injection.

This vulnerability is traded as CVE-2024-12961. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-12961 | 1000 Projects Portfolio Management System MCA 1.0 /update_ach_details.php q sql injection

Related Posts

CVE-2024-42348 | FOGproject FOG up to 1.5.10.41.2 Computer Registration command injection (GHSA-456c-4gw3-c9xw)

CVE-2024-32528 | Seerox WP Dynamic Keywords Injector Plugin up to 2.3.18 on WordPress cross site scripting

CVE-2024-5557 | Schneider Electric SpaceLogic AS-P/SpaceLogic AS-B up to 5.0.3 SNMP Credentials log file (SEVD-2024-163-04)

CVE-2024-6191 | itsourcecode Student Management System 1.0 Login Page login.php user sql injection