CVE-2024-12918

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Feb 24, 2025

CWE ID 89

Summary

CVE-2024-12918 is an SQL Injection vulnerability affecting Agito Computer's Health4All software. The issue arises due to improper neutralization of special elements used in SQL commands. Hackers can exploit this vulnerability to inject malicious SQL statements and gain unauthorized access to sensitive data. This security flaw puts all Health4All installations before version 10.01.2025 at risk. It is highly recommended that affected organizations apply the necessary patches to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/14mexQ
https://www.cve.org/CVERecord?id=CVE-2024-12918
https://nvd.nist.gov/vuln/detail/CVE-2024-12918

Back to Vulnerability Database

CVE-2024-12918

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations