CVE-2024-53815

Name of the Vulnerable Software and Affected Versions: Pinpoint Booking System versions through 2.9.9.5.1

Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, which arises from the improper neutralization of special elements used in an SQL command. This allows malicious actors to exploit the system.

Recommendations: For versions through 2.9.9.5.1, upgrade immediately to prevent attacks. As a temporary workaround, consider restricting access to sensitive database queries until a patch is available. Avoid using user-supplied input in SQL commands without proper sanitization until the issue is resolved.