3 matches found
CVE-2024-2592
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/person/picshow.php, in the 'personid' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2592 SQL injection vulnerability in AMSS++
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/person/picshow.php, in the 'personid' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2592
The CVE-2024-2592 issue affects AMSS++ v4.31, where the vulnerability exists in the /amssplus/modules/person/pic_show.php endpoint, specifically the person_id parameter, leading to SQL injection that could allow an attacker to retrieve the database contents. The root cause is an injectable parame...