CVE-2024-11968: code-projects Farmacia pagamento.php sql injection
First published: Thu Nov 28 2024(Updated: )
A vulnerability was found in code-projects Farmacia up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file pagamento.php. The manipulation of the argument notaFiscal leads to sql injection. The attack can be launched remotely.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Anisha Farmacia | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-11968?
CVE-2024-11968 is classified as a critical vulnerability.
How do I fix CVE-2024-11968?
To fix CVE-2024-11968, it is recommended to sanitize inputs related to the notaFiscal argument in the pagamento.php file to prevent SQL injection.
What type of attack can be performed using CVE-2024-11968?
CVE-2024-11968 allows for a remote SQL injection attack through the manipulation of the notaFiscal argument.
Which software versions are affected by CVE-2024-11968?
CVE-2024-11968 affects Anisha Farmacia version 1.0.
What file is involved in the CVE-2024-11968 vulnerability?
The file involved in CVE-2024-11968 is pagamento.php.
- agent/references
- agent/title
- agent/description
- agent/first-publish-date
- agent/type
- agent/weakness
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/source
- vendor/anisha
- canonical/anisha farmacia
- version/anisha farmacia/1.0