A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file Doctor/app_request.php. The manipulation of the argument app_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
History

Wed, 06 Nov 2024 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Anisha
Anisha e-health Care System
CPEs cpe:2.3:a:anisha:e-health_care_system:1.0:*:*:*:*:*:*:*
Vendors & Products Anisha
Anisha e-health Care System

Tue, 05 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Code-projects
Code-projects e-health Care System
CPEs cpe:2.3:a:code-projects:e-health_care_system:1.0:*:*:*:*:*:*:*
Vendors & Products Code-projects
Code-projects e-health Care System
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 05 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file Doctor/app_request.php. The manipulation of the argument app_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Title code-projects E-Health Care System app_request.php sql injection
Weaknesses CWE-707
CWE-74
CWE-89
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-11-05T02:00:06.606Z

Updated: 2024-11-05T16:04:15.348Z

Reserved: 2024-11-04T17:59:18.167Z

Link: CVE-2024-10810

cve-icon Vulnrichment

Updated: 2024-11-05T16:02:57.652Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-05T02:15:04.250

Modified: 2024-11-06T15:16:12.497

Link: CVE-2024-10810

cve-icon Redhat

No data.