| Title | Bylancer Quicklancer 2.4 SQL Injection |
|---|
| Description | A SQL injection vulnerability exists in the Quicklancer 2.4, GET parameter 'range2', that has both time-based blind SQL injection and a boolean-based blind SQL injection vulnerabilities, which can be exploited remotely by unauthenticated attacker by an attacker to execute arbitrary SQL queries in the database. |
|---|
| Source | ⚠️ https://github.com/bigb0x/CVEs/blob/main/quicklancer-2-4.md |
|---|
| User | godfather (UID 27952) |
|---|
| Submission | 07/21/2024 14:23 (2 years ago) |
|---|
| Moderation | 07/28/2024 07:39 (7 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 272609 [Bylancer Quicklancer 2.4 GET Parameter /listing range2 sql injection] |
|---|
| Points | 17 |
|---|