CVE-2024-42844 Information

Description

A SQL Injection vulnerability has been identified in EPICOR Prophet 21 (P21) up to 23.2.5232. This vulnerability allows authenticated remote attackers to execute arbitrary SQL commands through unsanitized user input fields to obtain unauthorized information

Reference

https://gist.github.com/getHecked/dc4ae46526d181d3deb17092815b9bec