3 matches found
CVE-2024-0308
The CVE-2024-0308 issue affects Inis up to 2.0.1, where manipulation of the argument p_url in file app/api/controller/default/Proxy.php enables server-side request forgery (SSRF). This is a network-accessible vulnerability with remote potential and public exploit disclosure. Affected component is...
CVE-2024-0341
CVE-2024-0341 affects Inis up to version 2.0.1. The vulnerability arises from manipulation of the path argument in the GET Request Handler’s file path (specifically /app/api/controller/default/File.php), enabling path traversal. The exploit has been disclosed publicly. Other details (complete vec...
CVE-2024-0342
CVE-2024-0342 affects Inis up to version 2.0.1. The vulnerability is a SQL injection in an unknown function within the file /app/api/controller/default/Sqlite.php, triggered by manipulating the argument sql. The exploit has been disclosed publicly. Affected products, root cause, and intended impa...