CVE-2024-0494 | Kashipara Billing Software 1.0 HTTP POST Request material_bill.php itemtypeid sql injection

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. This affects an unknown part of the file material_bill.php of the component HTTP POST Request Handler. The manipulation of the argument itemtypeid leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-0494. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-0494 | Kashipara Billing Software 1.0 HTTP POST Request material_bill.php itemtypeid sql injection

Related Posts

CVE-2024-5599 | softaculous FileOrganizer Plugin up to 1.0.7 on WordPress fileorganizer_ajax_handler sensitive information

Chunghwa Telecom NOKIA G-040W-Q ICMP Redirect Message input validation

CVE-2024-38458 | Xenforo up to 2.2.15 code injection

CVE-2024-3105 | Woody Code Snippets Plugin up to 2.5.0 on WordPress Privilege Escalation