CVE-2024-6416 : SEACMS 12.9 CID SQL INJECTION

Description

A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /js/player/dmplayer/dmku/?ac=edit. The manipulation of the argument cid with the input (select(0)from(select(sleep(10)))v) leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270007.

References

https://vuldb.com/?id.270007

https://vuldb.com/?ctiid.270007

https://vuldb.com/?submit.363407

https://fushuling.com/index.php/2024/06/24/test4/


CVE-2024-5711 : STITIONAI DEVIKA CROSS SITE SCRIPTING

Description Cross-site Scripting (XSS) – Stored in GitHub repository stitionai/devika prior to -.

References

https://huntr.com/bounties/6c00ff84-574b-4b4f-bd58-aa7ec1809662

https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2

CVE-2024-38330 : IBM I 7.2/7.3/7.4 UNCONTROLLED SEARCH PATH

Description IBM System Management for i 7.2, 7.3, and 7.4 could allow a local user to gain elevated privileges due

CVE-2024-6539 : HEYEWEI SPRINGBOOTCMS UP TO 2024-05-28 GUESTBOOK /GUESTBOOK CONTENT CROSS SITE SCRIPTING

Description A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. Affected is an unknown function