CVE-2024-29873 | Sentrifugo 3.2 html bunitname sql injection

Posted by Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability was found in Sentrifugo 3.2. It has been classified as critical. This affects an unknown part of the file through /sentrifugo/index.php/reports/businessunits/format/html. The manipulation of the argument bunitname leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-29873. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-29873 | Sentrifugo 3.2 html bunitname sql injection

Related Posts

CVE-2023-50809 | Sonos S1/S2 Wireless Driver mt_7615.ko stack-based overflow (security-advisory-2024-0001)

CVE-2024-0703 | Sticky Buttons Plugin up to 3.2.2 on WordPress cross site scripting

CVE-2024-32517 | WooCommerce & WordPress Tutorials Custom Thank You Page Customize for WooCommerce by Binary Carpenter Plugin authorization

CVE-2024-22028 | Three R Solution 3R-TMC06 information disclosure