CVE-2024-10296 - CERT CVE
ID CVE-2024-10296
Sažetak A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Reference
CVSS
Base: 5.8
Impact: 6.4
Exploitability:6.4
Pristup
VektorSloženostAutentikacija
NETWORK LOW MULTIPLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:L/Au:M/C:P/I:P/A:P
Zadnje važnije ažuriranje 25-10-2024 - 12:56
Objavljeno 23-10-2024 - 17:15