A vulnerability classified as critical has been found in Inis up to 2.0.1. Affected is an unknown function of the file /app/api/controller/default/Sqlite.php. The manipulation of the argument sql leads to sql injection.
This vulnerability is traded as CVE-2024-0342. The attack needs to be approached within the local network. Furthermore, there is an exploit available.