PT-2024-20387 · Unknown · Best Courier Management System

Published: 2024-03-28 · Updated: 2025-05-02 · CVE-2024-24407

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Best Courier management system version 1.0

Description: The issue allows a remote attacker to obtain sensitive information via the print pdets.php component. This is due to a SQL Injection vulnerability. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations: For Best Courier management system version 1.0, review the code for input sanitization and implement parameterized queries as soon as possible to mitigate the risk of SQL injection attacks. Consider temporarily disabling or restricting access to the print pdets.php component until a patch is available.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2024-24407

Affected Products: Best Courier Management System