CVE-2024-9813

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 10, 2024
Updated: Oct 15, 2024
CWE ID 89

Summary

CVE-2024-9813 is a critical vulnerability identified in the Codezips Pharmacy Management System version 1.0, specifically affecting the processing of the file product/register.php, which allows for SQL injection through manipulation of the argument category. This vulnerability can be exploited remotely without requiring authentication or user interaction, posing significant risks to data confidentiality, integrity, and availability. Organizations using this software are urged to implement remediation measures such as input validation and sanitization to mitigate potential attacks. The CVSS v3.1 score for this vulnerability is 9.8, indicating a high severity level that necessitates prompt attention. Public disclosure of this exploit heightens the urgency for affected users to address the issue immediately to prevent unauthorized data access or manipulation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share