A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation leads to sql injection. The CWE definition for the vulnerability is CWE-89. The weakness was disclosed 01/02/2023 as b92451e4f9e85e26cf493c95ea0a69e354c35df9. The advisory is shared at github.com. This vulnerability is known as CVE-2014-125032. The attack can only be initiated within the local network. Technical details are available. There is no exploit available. The price for an exploit might be around USD $0-$5k at the moment. MITRE ATT&CK project uses the attack technique T1505 for this issue. It is declared as not defined. We expect the 0-day to have been worth approximately $0-$5k. The identifier of the patch is b92451e4f9e85e26cf493c95ea0a69e354c35df9. The bugfix is ready for download at github.com. It is recommended to apply a patch to fix this issue. A possible mitigation has been published even before and not after the disclosure of the vulnerability.