2 matches found
CVE-2024-42782
A SQL injection vulnerability in "/music/ajax.php?action=findmusic" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "search" parameter...
PT-2024-30154 · Unknown · Kashipara Music Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: A SQL injection issue in the "/music/ajax.php?action=find music" endpoint allows an attacker to execute arbitrary SQL commands via the search parameter. This enables the attacker to...