CVE-2024-2724

SQL injection vulnerability in the CIGESv2 system, through /ajaxServiciosAtencion.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query...

CIGESv2 跨站脚本漏洞

CIGESv2 is a queue and reservation management system from CIGESv2, Inc. CIGESv2 suffers from a cross-site scripting vulnerability that stems from the presence of a stored cross-site scripting XSS vulnerability. An attacker can exploit the vulnerability to execute and store malicious JavaScript co...