CVE-2024-8569
CVSS 3.1 Score 7.3 of 10 (high)
Details
Summary
CVE-2024-8569 identifies a critical SQL injection vulnerability in the user-login.php file of the Hospital Management System 1.0 developed by Code-Projects. This vulnerability allows remote attackers to manipulate the username argument, potentially compromising the integrity and confidentiality of data. Affected products include specific versions denoted as 'ygwTA3' and 'yNP0nk'. To remediate this issue, it is essential for organizations to apply security patches or updates provided by the vendor and implement input validation measures to prevent unauthorized access. The vulnerability poses a significant risk as it can be exploited without requiring authentication, leading to potential data breaches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.