CVE-2024-9006 | jeanmarc77 123solar 1.8.4.5 config/config_invt1.php PASSOx code injection (Issue 74)

Posted by Angelo Barbosa | Sep 19, 2024 | CVE

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file config/config_invt1.php. The manipulation of the argument PASSOx leads to code injection.

This vulnerability is handled as CVE-2024-9006. The attack may be launched remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-9006 | jeanmarc77 123solar 1.8.4.5 config/config_invt1.php PASSOx code injection (Issue 74)

Related Posts

CVE-2023-45581 | Fortinet FortiClientEMS up to 7.2.2 HTTP privileges management (FG-IR-23-357)

CVE-2024-38624 | Linux Kernel up to 5.15.160/6.1.92/6.6.32/6.9.3 ntfs3 wrap-around

CVE-2024-7578 | Alien Technology ALR-F800 up to 19.10.24.00 /var/www/cmd.php cmd improper authorization

CVE-2024-34982 | lylme_spage 1.9.5 /include/file.php unrestricted upload