CVE-2024-24004 | jshERP 3.3 findInOutDetail sql injection (Issue 99)

Posted by Angelo Barbosa | Feb 7, 2024 | CVE

A vulnerability was found in jshERP 3.3. It has been rated as critical. Affected by this issue is the function findInOutDetail. The manipulation leads to sql injection.

This vulnerability is handled as CVE-2024-24004. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-24004 | jshERP 3.3 findInOutDetail sql injection (Issue 99)

Related Posts

CVE-2024-23729 | ColorOS Internet Browser 45.10.3.4.1 on Android com.android.browser.RealBrowserActivity cross site scripting

CVE-2024-37109 | Membership Software WishList Member X Plugin up to 3.25.1 on WordPress code injection

CVE-2024-4931 | SourceCodester Simple Online Bidding System 1.0 index.php id sql injection

CVE-2024-33615 | CyberPower PowerPanel up to 4.9.0 ZIP File path traversal (icsa-24-123-01)