A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. This vulnerability affects unknown code of the file /Users/registration.php. The manipulation of the argument f_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
References
Link | Resource |
---|---|
https://code-projects.org/ | Product |
https://github.com/maxihongtatum/cve/blob/main/sql14.md | Exploit |
https://vuldb.com/?ctiid.282910 | Permissions Required VDB Entry |
https://vuldb.com/?id.282910 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.436319 | Third Party Advisory VDB Entry |
Configurations
History
05 Nov 2024, 20:14
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
Summary |
|
|
First Time |
Anisha
Anisha e-health Care System |
|
CPE | cpe:2.3:a:anisha:e-health_care_system:1.0:*:*:*:*:*:*:* | |
References | () https://code-projects.org/ - Product | |
References | () https://github.com/maxihongtatum/cve/blob/main/sql14.md - Exploit | |
References | () https://vuldb.com/?ctiid.282910 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.282910 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.436319 - Third Party Advisory, VDB Entry |
03 Nov 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-03 21:15
Updated : 2024-11-05 20:14
NVD link : CVE-2024-10741
Mitre link : CVE-2024-10741
CVE.ORG link : CVE-2024-10741
JSON object : View
Products Affected
anisha
- e-health_care_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')