MidnightBSD

Advisories for apa

CVE-2024-49621

Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari APA Register Newsletter Form apa-register-newsletter-form allows SQL Injection.This issue affects APA Register Newsletter Form: from n/a through <= 1.0.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 8.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L 2.8 4.7

Products Affected

Vendor Product Version
apa apa_register_newsletter_form *
CVE-2024-49622

Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari Apa Banner Slider apa-banner-slider allows SQL Injection.This issue affects Apa Banner Slider: from n/a through <= 1.0.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 8.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L 2.8 4.7

Products Affected

Vendor Product Version
apa apa_banner_slider *