7 matches found
CVE-2024-50724
KASO v9.0 was discovered to contain a SQL injection vulnerability via the personid parameter at /cardcase/editcard.jsp...
CVE-2024-50724
KASO v9.0 was discovered to contain a SQL injection vulnerability via the personid parameter at /cardcase/editcard.jsp...
CVE-2024-50724
KASO v9.0 was discovered to contain a SQL injection vulnerability via the personid parameter at /cardcase/editcard.jsp...
CVE-2024-50724
KASO v9.0 was discovered to contain a SQL injection vulnerability via the personid parameter at /cardcase/editcard.jsp...
KASO 安全漏洞
KASO is an application from KASO Inc. A security vulnerability exists in KASO v9.0, which stems from the discovery of an SQL injection vulnerability via the personid parameter in /cardcase/editcard.jsp...
CVE-2024-50724
CVE-2024-50724 affects KASO v9.0 with a SQL injection vulnerability in the /cardcase/editcard.jsp endpoint via the person_id parameter. Root cause: improper handling of input in the SQL query leading to injection. Impact per provided data: high/critical confidentiality, integrity, and availabilit...
PT-2024-34402 · Kaso · Kaso
Name of the Vulnerable Software and Affected Versions: KASO version 9.0 Description: A SQL injection issue was discovered via the person id parameter at the "/cardcase/editcard.jsp" API endpoint. This allows for potential exploitation of the database. Recommendations: For KASO version 9.0, consid...