CVE-2024-2585

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/selectsend2.php, in the 'sdindex' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...

AMSS++ SQL Injection Vulnerability

AMSS++ is a tool for the office management support system of Amssplus. An SQL injection vulnerability exists in AMSS++ version 4.31, which stems from an SQL injection vulnerability in the sdindex parameter of the /amssplus/modules/mail/main/selectsend.php page...

PT-2024-21192 · Amss++ · Amss++

Name of the Vulnerable Software and Affected Versions: AMSS++ version 4.31 Description: The issue allows SQL injection through the /amssplus/modules/mail/main/select send.php endpoint, specifically in the sd index parameter. This could enable a remote attacker to send a specially crafted SQL quer...

AMSS++ SQL Injection Vulnerability

AMSS++ is a tool for the office management support system of Amssplus. An SQL injection vulnerability exists in AMSS++ version 4.31, which stems from an SQL injection vulnerability in the sdindex parameter of the /amssplus/modules/book/main/selectsend2.php page...