CVE-2024-30928 Information

Description

SQL Injection vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary SQL commands via ‘classids’ Parameter in ajax/query.slide.next.inc

Reference

https://chocapikk.com/posts/2024/derbynet-vulnerabilities/