CVE-2024-2622 | Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 editemedia.php number/enterprise_uuid sql injection

Posted by Angelo Barbosa | Mar 18, 2024 | CVE

A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editemedia.php. The manipulation of the argument number/enterprise_uuid leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-2622. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-2622 | Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 editemedia.php number/enterprise_uuid sql injection

Related Posts

CVE-2023-42948 | Apple macOS up to 13.x Wi-Fi Password denial of service

CVE-2024-37489 | OceanWP Ocean Extra Plugin up to 2.2.9 on WordPress cross site scripting

CVE-2024-26132 | Element up to 1.6.11 on Android information disclosure (GHSA-8wj9-cx7h-pvm4)

CVE-2024-24556 | urql-graphql urql up to 1.1.0 cross site scripting (GHSA-qhjf-hm5j-335w)