9 matches found
CVE-2024-44541
evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."...
Inventio Lite 4 - SQL Injection
Exploit Title: Inventio Lite 4 - SQL Injection Error Based SQLi in "username" parameter on "/?action=processlogin." Date: 08/21/2024 Exploit Author: pointedsec Vendor Homepage: http://evilnapsis.com Software Link: https://github.com/evilnapsis/inventio-lite Version: ' or email LIKE '' and passwor...
CVE-2024-44541
evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."...
CVE-2024-44541
evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."...
CVE-2024-44541
evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."...
Inventio Lite SQL注入漏洞
Inventio Lite is a general purpose inventory and sales system. A security vulnerability exists in Inventio Lite v4 and prior versions that stems from vulnerability to SQL injection attacks via the username parameter in /?action=processlogin...
CVE-2024-44541
Inventio Lite v4 and earlier is vulnerable to SQL Injection via the username parameter in /?action=processlogin. The issue arises from building an SQL query with user-supplied input (email/username) and password without proper parameter binding, enabling bypass of authentication and potential dat...
CVE-2024-44541
evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."...
Exploit for CVE-2024-44541
CVE-2024-44541: SQL Injection Vulnerability in Inventio Lite v...