CVE-2024-33267 | Hero hfheropayment up to 1.2.5 initContent sql injection

Posted by Angelo Barbosa | Apr 30, 2024 | CVE

A vulnerability was found in Hero hfheropayment up to 1.2.5 and classified as critical. This issue affects the function HfHeropaymentGatewayBackModuleFrontController::initContent. The manipulation leads to sql injection.

The identification of this vulnerability is CVE-2024-33267. The attack may be initiated remotely. There is no exploit available.

CVE-2024-33267 | Hero hfheropayment up to 1.2.5 initContent sql injection

Related Posts

CVE-2024-0372 | Views for WPForms Plugin up to 3.2.2 on WordPress get_form_fields authorization

CVE-2024-25533 | RuvarOA 6.01/12.01 OfficeFileUpdate.aspx information exposure

CVE-2024-3888 | tagDiv Composer Plugin up to 4.8 on WordPress Shortcode cross site scripting

CVE-2024-5273 | Report Info Plugin up to 1.2 on Jenkins Controller File System permission