CVE-2024-39620

Name of the Vulnerable Software and Affected Versions ListingPro versions through 2.9.4

Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows attackers to exploit the system, potentially leading to data security issues. The estimated number of affected devices and real-world incidents are not specified.

Recommendations For versions through 2.9.4, ensure immediate patching to secure your data. As a temporary workaround, consider restricting access to sensitive database operations until a patch is available. Avoid using user-input data directly in SQL commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.