CVE-2024-42565 | ERP 44bd04 delete id sql injection

Posted by Angelo Barbosa | Aug 20, 2024 | CVE

A vulnerability was found in ERP 44bd04. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php/basedata/contact/delete?action=delete. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-42565. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-42565 | ERP 44bd04 delete id sql injection

Related Posts

CVE-2024-6906 | SourceCodester Record Management System 1.0 add_leave_non_user.php LSS sql injection

CVE-2024-22337 | IBM QRadar Suite Software/Cloud Pak for Security log file (XFDB-279977)

CVE-2024-1547 | Mozilla Firefox up to 115.8 API improper restriction of rendered ui layers

CVE-2024-27310 | Zoho ManageEngine ADSelfService Plus up to 6400 LDAP Query denial of service