CVE-2024-45059 | portabilis i-educar up to 2.9 GET Parameter sql injection

Posted by Angelo Barbosa | Aug 28, 2024 | CVE

A vulnerability has been found in portabilis i-educar up to 2.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the component GET Parameter Handler. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-45059. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-45059 | portabilis i-educar up to 2.9 GET Parameter sql injection

Related Posts

CVE-2023-6251 | Checkmk up to 2.0.0p39/2.1.0p36/2.2.0p14 User-Message cross-site request forgery

CVE-2024-7467 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface /vpn/list_ip_network.php sslvpn_config_mod template/stylenum os command injection

CVE-2024-26466 | web-platform-tests wpt URL Range-test-iframe.html cross site scripting

CVE-2023-49653 | Jira Plugin up to 3.11 on Jenkins Credentials Lookup permission