CVE-2024-29875

SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/default/reports/exportactiveuserrpt, 'sortname' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted query to the server and extract all the data from it...

CVE-2024-29874

SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/default/reports/activeuserrptpdf, 'sortname' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted query to the server and extract all the data from it...

PT-2024-23099 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: A SQL injection vulnerability exists in Sentrifugo, allowing a remote user to send a specially crafted query to the server and extract all the data from it. This issue is related to the...

Sentrifugo SQL注入漏洞

Sentrifugo is a human resource management system. The system includes features such as human resource management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a SQL injection vulnerability...