CVE-2024-10024 | code-projects Pharmacy Management System 1.0 manage_medicine_stock.php name/packing/generic_name/suppliers_name sql injection

Posted by Angelo Barbosa | Oct 16, 2024 | CVE

A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. This issue affects some unknown processing of the file /php/manage_medicine_stock.php. The manipulation of the argument name/packing/generic_name/suppliers_name leads to sql injection.

The identification of this vulnerability is CVE-2024-10024. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-10024 | code-projects Pharmacy Management System 1.0 manage_medicine_stock.php name/packing/generic_name/suppliers_name sql injection

Related Posts

CVE-2024-27791 | Apple tvOS App memory corruption

CVE-2024-46609 | Thecosy IceCMS up to 3.4.7 UserController.java CheckVip access control

CVE-2024-36505 | Fortinet FortiOS up to 6.4.15/7.0.14/7.2.7/7.4.3 access control (FG-IR-24-012)

CVE-2024-23519 | M&S Consulting Email Before Download Plugin up to 6.9.7 on WordPress cross-site request forgery