Sportsnet CVE - OpenCVE

Filtered by vendor Sportsnet Subscriptions

Total 9 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-29730	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-09-06	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/consejoRandom/ , parameter idCat;.
CVE-2024-29726	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-09-06	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/setAsRead/, parameter id.
CVE-2024-29723	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-08-30	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/conexiones/ax/openTracExt/, parameter categoria;.
CVE-2024-29724	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-08-30	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/ax/registerSp/, parameter idDesafio.
CVE-2024-29725	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-08-30	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sort_bloques/, parameter list.
CVE-2024-29728	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-08-30	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/inscribeUsuario/ , parameter idDesafio.
CVE-2024-29729	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-08-30	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/generateShortURL/, parameter url.
CVE-2024-29731	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-08-30	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/checkBlindFields/ , parameters idChallenge and idEmpresa.
CVE-2024-29727	1 Sportsnet	2 Sportsnet, Sportsnetcms	2024-08-30	9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , parameter send.

Page 1 of 1.