CVE-2024-2566 | Fujian Kelixin Communication Command and Dispatch Platform up to 20240313 get_extension_yl.php imei sql injection

Posted by Angelo Barbosa | Mar 16, 2024 | CVE

A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240313. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file api/client/get_extension_yl.php. The manipulation of the argument imei leads to sql injection.

This vulnerability is known as CVE-2024-2566. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-2566 | Fujian Kelixin Communication Command and Dispatch Platform up to 20240313 get_extension_yl.php imei sql injection

Related Posts

CVE-2024-1562 | WooCommerce Google Sheet Connector Plugin up to 1.3.11 on WordPress authorization

CVE-2024-5345 | Responsive Owl Carousel for Elementor Plugin up to 1.2.0 on WordPress file inclusion

CVE-2023-6402 | PHPGurukul Nipah Virus Testing Management System 1.0 add-phlebotomist.php empid sql injection

CVE-2023-4467 | Poly Trio 8800 7.2.6.0019 Test Automation Mode backdoor (MZ-23-01)