CVE-2024-9006 | jeanmarc77 123solar 1.8.4.5 config/config_invt1.php PASSOx code injection (Issue 74)

Posted by Angelo Barbosa | Sep 19, 2024 | CVE

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file config/config_invt1.php. The manipulation of the argument PASSOx leads to code injection.

This vulnerability is handled as CVE-2024-9006. The attack may be launched remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-9006 | jeanmarc77 123solar 1.8.4.5 config/config_invt1.php PASSOx code injection (Issue 74)

Related Posts

CVE-2024-36811 | aimeos 2024.04 PHP File unrestricted upload

CVE-2024-22236 | Spring Cloud Contract up to 3.1.9/4.0.4/4.1.0 Guava temp file

CVE-2024-7580 | Alien Technology ALR-F800 up to 19.10.24.00 /admin/system.html uploadedFile os command injection

CVE-2024-28581 | FreeImage 3.19.0 r1909 TARGA Image _assignPixel buffer overflow