CVE-2024-34334 | ORDAT FOSS-Online up to 2.24.00 Forgot Password sql injection

Posted by Angelo Barbosa | Sep 12, 2024 | CVE

A vulnerability was found in ORDAT FOSS-Online up to 2.24.00 and classified as critical. This issue affects some unknown processing of the component Forgot Password Handler. The manipulation leads to sql injection.

The identification of this vulnerability is CVE-2024-34334. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34334 | ORDAT FOSS-Online up to 2.24.00 Forgot Password sql injection

Related Posts

CVE-2024-1642 | MainWP Dashboard Plugin up to 4.6.0.1 on WordPress posting_bulk cross-site request forgery

CVE-2022-48690 | Linux Kernel up to 5.19.8 XDP_SETUP_XSK_POOL ice_vsi_cfg_rxq memory leak (07f40e9f0ff3/7e753eb675f0)

CVE-2024-0993 | Tenda i6 1.0.0.9(3857) httpd /goform/WifiMacFilterGet formWifiMacFilterGet index stack-based overflow

CVE-2024-25604 | Liferay Portal/DXP User/Organizations Section authorization