CVE-2024-11968
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-11968 is a newly disclosed critical vulnerability affecting code-projects Farmacia version 1.0. The issue lies in the functionality of the pagamento.php file, where the argument notaFiscal is susceptible to SQL injection attacks. This vulnerability can be exploited remotely, making it a significant security risk. An attacker can manipulate the notaFiscal argument to inject malicious SQL commands into the system, potentially leading to unauthorized access, data theft, or other malicious activities. Farmacia users are advised to update their software as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.