CVE-2024-9789 | LyLme_spage 1.9.5 /admin/apply.php id sql injection

Posted by Angelo Barbosa | Oct 10, 2024 | CVE

A vulnerability was found in LyLme_spage 1.9.5 and classified as critical. This issue affects some unknown processing of the file /admin/apply.php. The manipulation of the argument id leads to sql injection.

The identification of this vulnerability is CVE-2024-9789. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-9789 | LyLme_spage 1.9.5 /admin/apply.php id sql injection

Related Posts

CVE-2024-31412 | Omron CX-Programmer up to 9.81 out-of-bounds (OMSR-2024-003)

CVE-2024-4805 | Kashipara College Management System 1.0 edit_faculty.php id sql injection

CVE-2024-46858 | Linux Kernel up to 6.1.110/6.6.51/6.10.10 mptcp sk_stop_timer_sync use after free

CVE-2024-36792 | Netgear WNR614/N300 PIN Privilege Escalation