2 matches found
CVE-2024-2724
CVE-2024-2724 affects the CIGESv2 system via SQL injection in the /ajaxServiciosAtencion.php endpoint, in the idServicio parameter. A remote attacker could use a crafted SQL query to retrieve all data from the database. Documented impact is data exposure (Confidentiality: HIGH); no exploits are d...
CVE-2024-2724 SQL injection vulnerability in the CIGESv2 system
SQL injection vulnerability in the CIGESv2 system, through /ajaxServiciosAtencion.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query...