Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Sportsnet
Filtered by product Sportsnet
Angry Yack Logo
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-29723 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/conexiones/ax/openTracExt/, parameter categoria;.
CVE-2024-29724 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/ax/registerSp/, parameter idDesafio.
CVE-2024-29725 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sort_bloques/, parameter list.
CVE-2024-29726 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/setAsRead/, parameter id.
CVE-2024-29728 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/inscribeUsuario/ , parameter idDesafio.
CVE-2024-29729 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/generateShortURL/, parameter url.
CVE-2024-29730 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query:  https://XXXXXXX.saludydesafio.com/app/ax/consejoRandom/ , parameter idCat;.
CVE-2024-29731 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query:  https://XXXXXXX.saludydesafio.com/app/ax/checkBlindFields/ , parameters idChallenge and idEmpresa.
CVE-2024-29727 1 Sportsnet 1 Sportsnet 2024-08-30 N/A 9.8 CRITICAL
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , parameter send.