A vulnerability, which was classified as critical, has been found in itsourcecode Billing System 1.0. Affected by this issue is some unknown functionality of the file process.php. The manipulation of the argument username leads to sql injection.
This vulnerability is handled as CVE-2024-37849. Attacking locally is a requirement. There is no exploit available.