SQL Injection Vulnerability in Code-Projects Farmacia Software
CVE-2024-11968
7.5HIGH
What is CVE-2024-11968?
A critical SQL injection vulnerability has been identified in the Code-Projects Farmacia application, specifically affecting versions up to 1.0. The flaw resides in the functionality of pagamento.php, where improper validation of the notaFiscal parameter allows an attacker to manipulate SQL queries executed by the application. This vulnerability can be exploited remotely, posing a significant risk to the integrity and confidentiality of the database. It is imperative for users and administrators of Code-Projects Farmacia to implement mitigations or upgrades to secure their systems against potential exploitation.
Affected Version(s)
Farmacia 1.0