CVE-2024-10023 | code-projects Pharmacy Management System 1.0 add_new_medicine.php name/packing/generic_name/suppliers_name sql injection

Posted by Angelo Barbosa | Oct 16, 2024 | CVE

A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. This vulnerability affects unknown code of the file /php/add_new_medicine.php. The manipulation of the argument name/packing/generic_name/suppliers_name leads to sql injection.

This vulnerability was named CVE-2024-10023. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-10023 | code-projects Pharmacy Management System 1.0 add_new_medicine.php name/packing/generic_name/suppliers_name sql injection

Related Posts

CVE-2024-28175 | argocd up to 2.8.11/2.9.0/2.9.7/2.10.0/2.10.2 URL Protocol cross site scripting (GHSA-jwv5-8mqv-g387)

CVE-2024-7808 | code-projects Job Portal 1.0 logindbc.php email sql injection

CVE-2024-8905 | Google Chrome up to 128.0.6613.137 V8 Remote Code Execution

CVE-2024-5587 | Casdoor up to 1.335.0 Configuration File /conf/app.conf file access (cve-casdoor)