2 matches found
CVE-2024-9573 SQL Injection vulnerability in SOPlanning
SQL injection vulnerability in SOPlanning 1.45, through /soplanning/www/groupelist.php, in the by parameter, which could allow a remote user to send a specially crafted query and extract all the information stored on the server...
CVE-2024-9573
The CVE-2024-9573 entry describes an SQL injection in SOPlanning versions prior to 1.45 via the /soplanning/www/groupe_list.php endpoint (parameter by), enabling a remote user to craft queries and exfiltrate data. Connected sources specify the root cause as input handling in the by parameter of t...