CVE-2024-8147

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Aug 25, 2024
Updated: Aug 26, 2024
CWE ID 89

Summary

CVE-2024-8147 is a critical vulnerability found in the Pharmacy Management System 1.0, which affects the processing of the /index.php?action=editPharmacist file and allows for SQL injection due to improper handling of the id argument. This vulnerability can be exploited remotely, posing a medium-level threat to organizations using this software by potentially compromising data integrity and confidentiality. Remediation steps include applying patches provided by the vendor or disabling affected functionalities until a fix is available. The vulnerability has been publicly disclosed, increasing the risk of exploitation. Organizations are advised to implement security measures to mitigate potential attacks related to this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share