CVE-2024-0493 | Kashipara Billing Software 1.0 HTTP POST Request submit_delivery_list.php customer_details sql injection

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Kashipara Billing Software 1.0. Affected by this issue is some unknown functionality of the file submit_delivery_list.php of the component HTTP POST Request Handler. The manipulation of the argument customer_details leads to sql injection.

This vulnerability is handled as CVE-2024-0493. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-0493 | Kashipara Billing Software 1.0 HTTP POST Request submit_delivery_list.php customer_details sql injection

Related Posts

CVE-2024-2822 | DedeCMS 5.7 /src/dede/vote_edit.php aid cross-site request forgery

CVE-2024-33328 | Lumisxp 15.0.x/16.1.x main.jsp pageId cross site scripting

CVE-2023-51713 | ProFTPD up to 1.3.7 Quote main.c make_ftp_cmd out-of-bounds (Issue 1683)

CVE-2023-47717 | IBM Security Guardium 12.0 denial of service (XFDB-271690)