A vulnerability, which was classified as critical, was found in Complete Supplier Management System 1.0. Affected is an unknown function of the file /Supply_Management_System/admin/edit_category.php. The manipulation of the argument id leads to sql injection.
This vulnerability is traded as CVE-2024-22625. Access to the local network is required for this attack to succeed. There is no exploit available.