CVE-2024-2014 | Panabit Panalog 202103080942 sprog_upstatus.php id sql injection

Posted by Angelo Barbosa | Feb 29, 2024 | CVE

A vulnerability classified as critical was found in Panabit Panalog 202103080942. This vulnerability affects unknown code of the file /Maintain/sprog_upstatus.php. The manipulation of the argument id leads to sql injection.

This vulnerability was named CVE-2024-2014. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2014 | Panabit Panalog 202103080942 sprog_upstatus.php id sql injection

Related Posts

CVE-2023-47162 | IBM Sterling Secure Proxy 6.0.3/6.1.0 Web UI cross site scripting (XFDB-270973)

CVE-2024-32861 | Johnson Controls Software House CCURE 9000 default permission (icsa-24-191-05)

CVE-2024-2252 | Droit Elementor Addons Plugin up to 3.1.5 on WordPress cross site scripting

CVE-2024-22956 | SWFTools 0.9.2 swftools/src/swfc.c removeFromTo use after free (Issue 208)