Vulnerability CVE-2024-28389


Published: 2024-03-19

Description:
SQL injection vulnerability in KnowBand spinwheel v.3.0.3 and before allows a remote attacker to gain escalated privileges and obtain sensitive information via the SpinWheelFrameSpinWheelModuleFrontController::sendEmail() method.

 References:
https://security.friendsofpresta.org/modules/2024/03/12/spinwheel.html

Copyright 2026, cxsecurity.com

 

Back to Top