CVE-2024-33958 | Janobe E-Negosyo System 1.0 /passwordrecover.php phonenumber sql injection

Posted by Angelo Barbosa | Aug 6, 2024 | CVE

A vulnerability, which was classified as critical, was found in Janobe E-Negosyo System 1.0. Affected is an unknown function of the file /passwordrecover.php. The manipulation of the argument phonenumber leads to sql injection.

This vulnerability is traded as CVE-2024-33958. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-33958 | Janobe E-Negosyo System 1.0 /passwordrecover.php phonenumber sql injection

Related Posts

CVE-2024-32715 | Olive Themes Olive One Click Demo Import Plugin up to 1.1.1 on WordPress authorization

CVE-2024-36059 | Kalkitech ASE ASE61850 IEDSmart up to 2.3.5 IEC61850 File Transfer Protocol path traversal

CVE-2024-7443 | Vivotek IB8367A VVTK-0100b upload_file.cgi getenv QUERY_STRING command injection

CVE-2024-39815 | Vonets VGA-1000 up to 3.3.23.6.9 unknown vulnerability (icsa-24-214-08)