CVE-2024-55988

Name of the Vulnerable Software and Affected Versions Navayan CSV Export versions 1.0.9 and earlier

Description The issue is related to the improper neutralization of special elements used in an SQL command, allowing Blind SQL Injection. This problem enables attackers to inject malicious SQL code, potentially leading to unauthorized access or data manipulation.

Recommendations For versions 1.0.9 and earlier, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to sensitive database elements to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.