SQL Injection Vulnerability in CampCodes Supplier Management System
CVE-2024-41550

Currently unrated

Key Information:

Vendor
CampCodes
Status
Supplier Management System
Vendor
CVE Published:
24 July 2024

Summary

The CampCodes Supplier Management System v1.0 contains a critical vulnerability that allows SQL injection through the 'id' parameter in the view_invoice_items.php file. This flaw can be exploited by an attacker to manipulate database queries, potentially allowing unauthorized access to sensitive data stored within the system.

References

https://github.com/Chencihai/Chencihai/blob/main/cve/supp...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-41550 : SQL Injection Vulnerability in CampCodes Supplier Management System | SecurityVulnerability.io