CVE-2024-0280

Name of the Vulnerable Software and Affected Versions Kashipara Food Management System version 1.0

Description A critical issue has been found in the Kashipara Food Management System, affecting an unknown functionality of the file item type submit.php. The manipulation of the type name argument leads to SQL injection. The attack can be launched remotely.

Recommendations For Kashipara Food Management System version 1.0, consider restricting access to the item type submit.php file until a patch is available. As a temporary workaround, avoid using the type name argument in the affected functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.