fuzzlove/soplanning-1.52-exploits

Releases0

SOPlanning 1.52.00 CSRF/SQLi/XSS (CVE-2024-33722, CVE-2024-33724)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-33722 ↗	May 8, 2026Friday, 8 May 2026, 06:16	6.3 MEDIUM	—
SOPlanning 1.52.00 is vulnerable to SQL Injection by an authenticated user via projets.php with statut[].
CVE-2024-33724 ↗	May 8, 2026Friday, 8 May 2026, 06:16	5.4 MEDIUM	—
SOPlanning 1.52.00 is vulnerable to Cross Site Scripting (XSS) via the groupe_id parameter to process/groupe_save.php.