2 matches found
CVE-2024-2586 SQL injection vulnerability in AMSS++
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2586
AMSS++ v4.31 is affected by CVE-2024-2586 due to an SQL injection in the username parameter of /amssplus/index.php, allowing an attacker to craft a query to retrieve data from the database. The vulnerability is network-based with low exploit complexity, and the impact is on confidentiality (high)...