CVE-2024-9293 | skyselang yylAdmin up to 3.0 Backend File.php list is_disable sql injection

Posted by Angelo Barbosa | Sep 27, 2024 | CVE

A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by this vulnerability is the function list of the file /app/admin/controller/file/File.php of the component Backend. The manipulation of the argument is_disable leads to sql injection.

This vulnerability is known as CVE-2024-9293. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-9293 | skyselang yylAdmin up to 3.0 Backend File.php list is_disable sql injection

Related Posts

CVE-2024-21097 | Oracle PeopleSoft Enterprise PT PeopleTools 8.59/8.60/8.61 Security information disclosure

CVE-2024-11732 | BP Profile Shortcodes Extra Plugin up to 2.6.0 on WordPress Shortcode tab sql injection

CVE-2023-3287 | easyappointments up to 1.4.x /admins authorization

CVE-2024-41859 | Adobe After Effects up to 23.6.6/24.5 out-of-bounds write (apsb24-55)