CVE-2024-29432 Information

Description

Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas.

Reference

https://github.com/Raybye/alldata-bug/blob/main/alldata.md https://gist.github.com/Raybye/4b377eb06b5f9c324f090d39a0d25c2b