CVE-2023-37069

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 10, 2023
Updated: Aug 15, 2023
CWE ID 89

Summary

CVE-2023-37069 is a newly identified SQL Injection (SQLI) vulnerability affecting the Code-Projects Online Hospital Management System V1.0. This issue stems from the application's inability to validate user input in the login id and password fields effectively. Consequently, an attacker can exploit this weakness and inject malicious SQL code, manipulating queries executed by the system. The potential impact includes unauthorized access, data theft, or even system takeover, making it imperative for users to apply the necessary patches or updates as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share