CVE-2024-12976 | CodeZips Hospital Management System 1.0 /staff.php tel sql injection

Posted by Angelo Barbosa | Dec 26, 2024 | CVE

A vulnerability, which was classified as critical, has been found in CodeZips Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /staff.php. The manipulation of the argument tel leads to sql injection.

This vulnerability is handled as CVE-2024-12976. The attack may be launched remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2024-12976 | CodeZips Hospital Management System 1.0 /staff.php tel sql injection

Related Posts

CVE-2024-26812 | Linux Kernel up to 6.1.83/6.6.23/6.7.11/6.8.2 INTx eventfd_signal Privilege Escalation

CVE-2024-51093 | Snipe-IT 7.0.13 #files cross site scripting

CVE-2023-6499 | lasTunes Plugin up to 3.6.1 on WordPress cross-site request forgery

CVE-2024-36011 | Linux Kernel up to 6.6.30/6.8.9 Bluetooth hci_le_big_sync_established_evt null pointer dereference (1f7ebb69c1d6/9f3be61f55d4/d2706004a1b8)