CVE-2024-8569

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Sep 8, 2024
Updated: Sep 10, 2024
CWE ID 89

Summary

CVE-2024-8569 identifies a critical SQL injection vulnerability in the user-login.php file of the Hospital Management System 1.0 developed by Code-Projects. This vulnerability allows remote attackers to manipulate the username argument, potentially compromising the integrity and confidentiality of data. Affected products include specific versions denoted as 'ygwTA3' and 'yNP0nk'. To remediate this issue, it is essential for organizations to apply security patches or updates provided by the vendor and implement input validation measures to prevent unauthorized access. The vulnerability poses a significant risk as it can be exploited without requiring authentication, leading to potential data breaches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share