CVE-2024-33958 | Janobe E-Negosyo System 1.0 /passwordrecover.php phonenumber sql injection

Posted by Angelo Barbosa | Aug 6, 2024 | CVE

A vulnerability, which was classified as critical, was found in Janobe E-Negosyo System 1.0. Affected is an unknown function of the file /passwordrecover.php. The manipulation of the argument phonenumber leads to sql injection.

This vulnerability is traded as CVE-2024-33958. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-33958 | Janobe E-Negosyo System 1.0 /passwordrecover.php phonenumber sql injection

Related Posts

CVE-2024-45861 | Kastle Systems Access Control System hard-coded credentials (icsa-24-263-05)

CVE-2024-21533 | ggit URL Scheme clone argument injection (SNYK-JS-GGIT-5731319)

CVE-2024-40932 | Linux Kernel up to 6.9.5 get_modes memory leak

CVE-2023-52902 | Linux Kernel up to 6.1.7 do_mmap memory leak (1442d51026c5/7f31cced5724)