CVE-2024-2283 | boyiddha Automated-Mess-Management-System 1.0 /member/view.php date sql injection

Posted by Angelo Barbosa | Mar 7, 2024 | CVE

A vulnerability classified as critical has been found in boyiddha Automated-Mess-Management-System 1.0. Affected is an unknown function of the file /member/view.php. The manipulation of the argument date leads to sql injection.

This vulnerability is traded as CVE-2024-2283. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2283 | boyiddha Automated-Mess-Management-System 1.0 /member/view.php date sql injection

Related Posts

CVE-2024-33575 | User Meta user-meta Plugin up to 3.0 on WordPress information disclosure

CVE-2024-28575 | FreeImage 3.19.0 r1909 J2K Image opj_j2k_read_mct buffer overflow

CVE-2024-22247 | Vmware SD-WAN Edge 4.5.x/5.0.x BIOS Configuration improper authentication (VMSA-2024-0008)

CVE-2023-52585 | Linux Kernel up to 6.7.3 amdgpu amdgpu_ras_query_error_status_helper null pointer dereference (195a6289282e/b8d55a90fd55)