CVE-2024-6966

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 22, 2024

Updated: Aug 12, 2024

CWE ID 89

Summary

CVE-2024-6966 is a critical vulnerability identified in the Online Blood Bank Management System 1.0. The issue lies within the login.php component's unknown functionality, where manipulation of the user/pass argument leads to SQL injection attacks. These attacks can be launched remotely, and the exploit has already been disclosed to the public, posing a significant threat. (VDB-272120)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xJ4k0o
https://www.cve.org/CVERecord?id=CVE-2024-6966
https://nvd.nist.gov/vuln/detail/CVE-2024-6966

Back to Vulnerability Database

CVE-2024-6966

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations