CVE-2024-41803 | xibosignage xibo-cms up to 3.3.11/4.0.13 sql injection (GHSA-hpc5-mxfq-44hv)

Posted by Angelo Barbosa | Jul 30, 2024 | CVE

A vulnerability, which was classified as critical, was found in xibosignage xibo-cms up to 3.3.11/4.0.13. Affected is an unknown function. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2024-41803. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-41803 | xibosignage xibo-cms up to 3.3.11/4.0.13 sql injection (GHSA-hpc5-mxfq-44hv)

Related Posts

CVE-2024-26698 | Linux Kernel up to 5.10.209/5.15.148/6.1.78/6.6.17/6.7.5 hv_netvsc netvsc_probe race condition

CVE-2024-8449 | PLANET Technology GS-4210-24P2S Hardware 3.0 Serial Console hard-coded credentials

CVE-2024-41804 | xibosignage xibo-cms up to 3.3.11/4.0.13 sql injection (GHSA-4pp3-4mw7-qfwr)

CVE-2024-32312 | Tenda F1203 2.0.1.6 formWanParameterSetting adslPwd stack-based overflow