CVE-2024-10967 | code-projects E-Health Care System 1.0 delete_user_appointment_request.php id sql injection

Inserito da Angelo Barbosa | Nov 7, 2024 | CVE

A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file /Doctor/delete_user_appointment_request.php. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-10967. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-10967 | code-projects E-Health Care System 1.0 delete_user_appointment_request.php id sql injection

Post correlati

CVE-2024-4379 | Premium Addons for Elementor Plugin up to 4.10.31 on WordPress Global Tooltip cross site scripting

CVE-2024-4862 | WPBITS Addons for Elementor Page Builder Plugin up to 1.5 on WordPress Widgets cross site scripting

CVE-2024-33101 | ThinkSAAS 3.7.0 /action/anti.php word cross site scripting (Issue 34)

CVE-2024-27035 | Linux Kernel up to 6.1.82/6.6.22/6.7.10/6.8.1 f2fs memory corruption