Lucene search
+L

4 matches found

NVD
NVD
added 2024/02/28 1:15 p.m.21 views

CVE-2024-24868

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.69...

8.8CVSS8.9AI score0.00544EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/28 1:6 p.m.33 views

CVE-2024-24868 WordPress SP Project & Document Manager Plugin <= 4.69 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.69...

8.5CVSS7.6AI score0.00544EPSS
Exploits0References1
CVE
CVE
added 2024/02/28 1:6 p.m.120 views

CVE-2024-24868

CVE-2024-24868 affects the WordPress plugin SP Project & Document Manager (versions up to 4.69). It is a SQL Injection due to improper neutralization of input in the plugin, enabling unauthorized data access/injection via authenticated conduit. The issue is mitigated by upgrading to version 4.70,...

8.8CVSS8.8AI score0.00544EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/02/02 12:0 a.m.10 views

WordPress SP Project & Document Manager Plugin <= 4.69 is vulnerable to SQL Injection

Software SP Project & Document Manager Type Plugin Vulnerable versions = 4.69 Fixed in 4.70 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-24868 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 55e058d86d8c Credits Yudistira Arya Required privilege...

8.8CVSS6.8AI score0.00544EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder