CVE-2024-13007 | Codezips Event Management System 1.0 /contact.php title sql injection

Posted by Angelo Barbosa | Dec 28, 2024 | CVE

A vulnerability, which was classified as critical, was found in Codezips Event Management System 1.0. Affected is an unknown function of the file /contact.php. The manipulation of the argument title leads to sql injection.

This vulnerability is traded as CVE-2024-13007. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-13007 | Codezips Event Management System 1.0 /contact.php title sql injection

Related Posts

CVE-2024-4939 | wpweaver Weaver Xtreme Theme Support Plugin up to 6.4 on WordPress cross site scripting

CVE-2024-5429 | Logo Slider Plugin up to 4.0.x on WordPress Attribute cross site scripting

CVE-2024-4355 | Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin authorization

CVE-2024-23298 | Apple Xcode up to 15.2 state issue (HT214092)