CVE-2023-37069
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-37069 is a newly identified SQL Injection (SQLI) vulnerability affecting the Code-Projects Online Hospital Management System V1.0. This issue stems from the application's inability to validate user input in the login id and password fields effectively. Consequently, an attacker can exploit this weakness and inject malicious SQL code, manipulating queries executed by the system. The potential impact includes unauthorized access, data theft, or even system takeover, making it imperative for users to apply the necessary patches or updates as soon as possible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.