CVE-2024-54842
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-54842 is a newly discovered SQL injection vulnerability affecting the phpgurukul Online Nurse Hiring System v1.0. The issue lies in the /admin/password-recovery.php file and can be exploited through the mobileno parameter. An attacker can inject malicious SQL commands to gain unauthorized access to sensitive data or perform destructive operations on the database. This vulnerability poses a serious threat to the confidentiality and integrity of the affected system and requires immediate remediation. Users are advised to upgrade to the latest version of the software or implement suitable security measures to prevent attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.