CVE-2025-1640

Name of the Vulnerable Software and Affected Versions Benner ModernaNet versions up to 1.1.0

Description A critical issue affects some unknown functionality of the file /Home/JS CarregaCombo?formName=DADOS PESSOAIS PLANO&additionalCondition=&insideParameters=&elementToReturn=DADOS PESSOAIS PLANO&ordenarPelaDescricao=true&direcaoOrdenacao=asc& =1739290047295. The manipulation leads to sql injection. The attack may be launched remotely.

Recommendations To address this issue, upgrade to version 1.1.1. It is recommended to upgrade the affected component. As a temporary workaround, consider restricting access to the /Home/JS CarregaCombo API endpoint until the issue is resolved.