CVE-2024-13007 | Codezips Event Management System 1.0 /contact.php title sql injection

Posted by Angelo Barbosa | Dec 28, 2024 | CVE

A vulnerability, which was classified as critical, was found in Codezips Event Management System 1.0. Affected is an unknown function of the file /contact.php. The manipulation of the argument title leads to sql injection.

This vulnerability is traded as CVE-2024-13007. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-13007 | Codezips Event Management System 1.0 /contact.php title sql injection

Related Posts

CVE-2024-42391 | Cesanta Mongoose Web Server up to 7.14 TLS Packet out-of-range pointer offset

CVE-2024-20700 | Microsoft Windows up to Server 2022 23H2 Hyper-V Remote Code Execution

CVE-2024-32836 | WP Lab WP-Lister Lite for eBay Plugin up to 3.5.11 on WordPress unrestricted upload

CVE-2024-30602 | Tenda FH1203 2.0.1.6 /goform/openSchedWifi setSchedWifi schedStartTime stack-based overflow