Filtered by vendor Sportsnet Subscriptions
Filtered by product Sportsnet Subscriptions
Total 9 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-29730 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-09-06 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query:  https://XXXXXXX.saludydesafio.com/app/ax/consejoRandom/ , parameter idCat;.
CVE-2024-29726 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-09-06 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/setAsRead/, parameter id.
CVE-2024-29723 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/conexiones/ax/openTracExt/, parameter categoria;.
CVE-2024-29724 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/ax/registerSp/, parameter idDesafio.
CVE-2024-29725 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sort_bloques/, parameter list.
CVE-2024-29728 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/inscribeUsuario/ , parameter idDesafio.
CVE-2024-29729 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/generateShortURL/, parameter url.
CVE-2024-29731 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query:  https://XXXXXXX.saludydesafio.com/app/ax/checkBlindFields/ , parameters idChallenge and idEmpresa.
CVE-2024-29727 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , parameter send.