CVE-2024-2723
CVE-2024-2723 is a SQL injection in the CIGESv2 system, exploited via the /ajaxSubServicios.php endpoint’s idServicio parameter. This allows a remote attacker to retrieve all data stored in the database. No exploitation details are provided in the documents. Some sources note no public fix inform...