A vulnerability, which was classified as critical, was found in TreasureHuntGame TreasureHunt up to 963e0e0. Affected is an unknown function of the file TreasureHunt/acesso.php. The manipulation of the argument usuario leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is 8bcc649abc35b7734951be084bb522a532faac4e. It is recommended to apply a patch to fix this issue.
Metrics
Affected Vendors & Products
References
History
Sun, 22 Dec 2024 12:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability, which was classified as critical, was found in TreasureHuntGame TreasureHunt up to 963e0e0. Affected is an unknown function of the file TreasureHunt/acesso.php. The manipulation of the argument usuario leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is 8bcc649abc35b7734951be084bb522a532faac4e. It is recommended to apply a patch to fix this issue. | |
Title | TreasureHuntGame TreasureHunt acesso.php sql injection | |
Weaknesses | CWE-74 CWE-89 |
|
References |
| |
Metrics |
cvssV2_0
|
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-12-22T12:00:13.449Z
Updated: 2024-12-22T12:00:13.449Z
Reserved: 2024-12-21T20:17:14.396Z
Link: CVE-2024-12894
Vulnrichment
No data.
NVD
Status : Received
Published: 2024-12-22T12:15:16.203
Modified: 2024-12-22T12:15:16.203
Link: CVE-2024-12894
Redhat
No data.