8 matches found
CVE-2024-28393
SQL injection vulnerability in scalapay v.1.2.41 and before allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess method...
CVE-2024-28393
SQL injection vulnerability in scalapay v.1.2.41 and before allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess method...
CVE-2024-28393
SQL injection vulnerability in scalapay v.1.2.41 and before allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess method...
PT-2024-22413 · Scalapay · Scalapay
Name of the Vulnerable Software and Affected Versions: Scalapay versions 1.2.41 and earlier Description: The issue allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess method. This is a SQL injection vulnerability. Recommendations: For Scalapay...
Scalapay 安全漏洞
Scalapay is an e-commerce software from Scalapay Inc. A security vulnerability exists in Scalapay v.1.2.41 and earlier versions that stems from the presence of a SQL injection vulnerability. An attacker can exploit the vulnerability to escalate privileges via the...
CVE-2024-28393
CVE-2024-28393 is a SQL injection vulnerability affecting Scalapay v1.2.41 and earlier. The root cause, as documented across sources, is an injectable input path in ScalapayReturnModuleFrontController::postProcess(), enabling a remote attacker to escalate privileges. The CVSS‑3.1 base score is 9....
CVE-2024-28393
SQL injection vulnerability in scalapay v.1.2.41 and before allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess method...
CVE-2024-28393
SQL injection vulnerability in scalapay v.1.2.41 and before allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess method...