6 matches found
CVE-2024-28389
SQL injection vulnerability in KnowBand spinwheel v.3.0.3 and before allows a remote attacker to gain escalated privileges and obtain sensitive information via the SpinWheelFrameSpinWheelModuleFrontController::sendEmail method...
CVE-2024-28389
SQL injection vulnerability in KnowBand spinwheel v.3.0.3 and before allows a remote attacker to gain escalated privileges and obtain sensitive information via the SpinWheelFrameSpinWheelModuleFrontController::sendEmail method...
PT-2024-22408 · Knowband · Knowband Spinwheel
Name of the Vulnerable Software and Affected Versions: KnowBand spinwheel versions 3.0.3 and earlier Description: The issue allows a remote attacker to gain escalated privileges and obtain sensitive information via the SpinWheelFrameSpinWheelModuleFrontController::sendEmail method. This is a SQL...
CVE-2024-28389
SQL injection vulnerability in KnowBand spinwheel v.3.0.3 and before allows a remote attacker to gain escalated privileges and obtain sensitive information via the SpinWheelFrameSpinWheelModuleFrontController::sendEmail method...
KnowBand Security Breach
KnowBand is a plugin from KnowBand Inc. A security vulnerability exists in KnowBand spinwheel v.3.0.3 and earlier versions, which stems from the presence of a SQL injection vulnerability. The vulnerability can be exploited to elevate privileges and obtain sensitive information via the...
CVE-2024-28389
CVE-2024-28389 describes a SQL injection vulnerability in KnowBand SpinWheel, affecting v3.0.3 and earlier. The flaw resides in the SpinWheelFrameSpinWheelModuleFrontController::sendEmail() path and can allow a remote attacker to cause privilege escalation and access sensitive information. Affect...