CVE-2024-24002 | jshERP 3.3 getListWithStock sql injection (Issue 99)

Posted by Angelo Barbosa | Feb 7, 2024 | CVE

A vulnerability was found in jshERP 3.3. It has been declared as critical. Affected by this vulnerability is the function getListWithStock. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-24002. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-24002 | jshERP 3.3 getListWithStock sql injection (Issue 99)

Related Posts

CVE-2024-10413 | SourceCodester Online Hotel Reservation System 1.0 /guest/update.php upload image unrestricted upload

CVE-2024-24216 | Zentao up to 18.0/18.10 model.php checkConnection Privilege Escalation (Issue 133)

CVE-2024-34146 | Git Server Plugin up to 114.v068a_c7cc2574 on Jenkins permission

CVE-2024-0113 | NVIDIA Mellanox OS/Skyway/MetroX-3 XC/MetroX-2 URI path traversal