Victor Villar's repositories
CVE-2024-32369
Description: SQL Injection vulnerability in HSC Cybersecurity HSC Mailinspector v.5.2.17-3 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component.
CVE-2024-32370
An issue in HSC Cybersecurity HSC Mailinspector version 5.2.17-3 has been identified, allowing a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.
CVE-2024-32371
A vulnerability identified as CVE-2024-32371 allows an attacker to elevate privileges by changing the type parameter from 1 to 0. This vulnerability enables an attacker with a regular user account to escalate their privileges and gain administrative access to the system.