Security Advisory

CVE-2024-29730

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-29 09:28:38

Last updated 2024-09-06 16:21:17

Assigner INCIBE

State PUBLISHED

Description

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/consejoRandom/ , parameter idCat;.

← Browse all CVEs View on cve.org ↗