CVE-2024-41804 | xibosignage xibo-cms up to 3.3.11/4.0.13 sql injection (GHSA-4pp3-4mw7-qfwr)

Posted by Angelo Barbosa | Jul 30, 2024 | CVE

A vulnerability has been found in xibosignage xibo-cms up to 3.3.11/4.0.13 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-41804. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-41804 | xibosignage xibo-cms up to 3.3.11/4.0.13 sql injection (GHSA-4pp3-4mw7-qfwr)

Related Posts

CVE-2024-32955 | Foliovision FV Flowplayer Video Player Plugin up to 7.5.43.7212 on WordPress server-side request forgery

CVE-2023-50376 | smp7 Simple Membership Plugin up to 4.3.8 on WordPress cross site scripting

CVE-2024-26495 | Friendica 2023.12 BBCode Tag cross site scripting (Issue 13884)

CVE-2024-31412 | Omron CX-Programmer up to 9.81 out-of-bounds (OMSR-2024-003)