CVE-2024-9035

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Sep 20, 2024
Updated: Sep 26, 2024
CWE ID 89

Summary

CVE-2024-9035 is a high-severity SQL injection vulnerability in Blood Bank Management System version 1.0. The flaw is in the admin/login.php file, where the username and password inputs are handled improperly. It can be exploited remotely, with no user interaction and no privileges required, and puts the confidentiality and integrity of an organization’s data at risk. To remediate the issue, administrators should update or patch the affected software component promptly. Given the exploitability score of 3.9 and the CVSS base score of 7.3, organizations are advised to prioritize this vulnerability. The exploit has been publicly disclosed, which increases the urgency of remediation.
