CVE-2024-24003 | jshERP 3.3 com.jsh.erp.controller.DepotHeadController findInOutMaterialCount column/order sql injection (Issue 99)

Çağlar Arlı - 15 Views

CVE-2024-24003 | jshERP 3.3 com.jsh.erp.controller.DepotHeadController findInOutMaterialCount column/order sql injection (Issue 99)

A vulnerability has been found in jshERP 3.3 and classified as critical. Affected by this vulnerability is the function findInOutMaterialCount of the component com.jsh.erp.controller.DepotHeadController. The manipulation of the argument column/order leads to sql injection. This vulnerability is known as CVE-2024-24003. The attack needs to be done within the local network. There is no exploit available.

P	S	Ç	P	C	C	P
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29

Annanowa

CVE-2024-24003 | jshERP 3.3 com.jsh.erp.controller.DepotHeadController findInOutMaterialCount column/order sql injection (Issue 99)

CVE-2024-24003 | jshERP 3.3 com.jsh.erp.controller.DepotHeadController findInOutMaterialCount column/order sql injection (Issue 99)

Son Yazılar

Son Yorumlar