CVE-2024-9560 | ESAFENET CDG V5 Catelogs;logindojojs delCatelogs id sql injection

Posted by Angelo Barbosa | Oct 6, 2024 | CVE

A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is the function delCatelogs of the file /CDGServer3/document/Catelogs;logindojojs?command=DelCatelogs. The manipulation of the argument id leads to sql injection.

This vulnerability is handled as CVE-2024-9560. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-9560 | ESAFENET CDG V5 Catelogs;logindojojs delCatelogs id sql injection

Related Posts

CVE-2021-47387 | Linux Kernel up to 5.14.9 lib/debugobjects.c delayed_work_timer_fn use after free

CVE-2023-6557 | The Events Calendar Plugin up to 6.2.8.2 on WordPress information disclosure

CVE-2023-24460 | Intel GPA Software Installer prior 2023.3 default permission (intel-sa-00831)

CVE-2024-49252 | Teplitsa of Social Technologies Leyka Plugin up to 3.31.6 on WordPress exposure of sensitive system information to an unauthorized control sphere