CVE-2024-24001 | jshERP 3.3 findallocationDetail sql injection (Issue 99)

Posted by Angelo Barbosa | Feb 7, 2024 | CVE

A vulnerability was found in jshERP 3.3. It has been classified as critical. Affected is the function findallocationDetail. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2024-24001. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-24001 | jshERP 3.3 findallocationDetail sql injection (Issue 99)

Related Posts

CVE-2024-47833 | Avaiga taipy up to 3.x cookie httponly flag (GHSA-r3jq-4r5c-j9hp)

CVE-2024-33401 | DedeCMS 5.7.113 mnum cross site scripting

CVE-2024-41839 | Adobe Experience Manager up to 6.5.20 input validation (apsb24-28)

CVE-2024-34474 | Clario up to 2024-04-11 permission