← back
CVE-2025-1641

Benner ModernaNet GetHorariosDoDia sql injection

CVSS 6.9 MEDIUMEPSS 0.6%CWE-74CWE-89
A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been classified as critical. This affects an unknown part of the file /AGE0000700/GetHorariosDoDia?idespec=0&idproced=1103&data=2025-02-25+19%3A25&agserv=0&convenio=1&localatend=1&idplano=5&pesfis=01&idprofissional=0&target=.horarios--dia--d0&_=1739371223797. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.1 is able to address this issue. It is recommended to upgrade the affected component.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Affected products
Benner · ModernaNet

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/yago3008/cveshttps://vuldb.com/?ctiid.296691https://vuldb.com/?id.296691https://vuldb.com/?submit.499875