CVE-2023-36361

Name of the Vulnerable Software and Affected Versions Audimexee version 14.1.7

Description The issue is a SQL injection vulnerability that can be exploited via the p table name parameter. This allows an attacker to inject malicious SQL code, potentially leading to unauthorized access or modification of sensitive data.

Recommendations For Audimexee version 14.1.7, as a temporary workaround, consider restricting access to the p table name parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.