Yasmim Da Cunha

**Name of the Vulnerable Software and Affected Versions** Benner ModernaNet versions up to 1.1.0 **Description** A critical issue affects some unknown functionality of the file /Home/JS CarregaCombo?formName=DADOS PESSOAIS PLANO&additionalCondition=&insideParameters=&elementToReturn=DADOS PESSOAIS PLANO&ordenarPelaDescricao=true&direcaoOrdenacao=asc& =1739290047295. The manipulation leads to sql injection. The attack may be launched remotely. **Recommendations** To address this issue, upgrade to version 1.1.1. It is recommended to upgrade the affected component. As a temporary workaround, consider restricting access to the /Home/JS CarregaCombo API endpoint until the issue is resolved.