SourceCodester Clinics Patient Management System 1.0 get_packings.php medicine_id SQL ଇଞ୍ଜେକ୍ସନ

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame SourceCodester Clinics Patient Management System 1.0 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne faayilii /pms/ajax/get_packings.php keessa. Dhugumatti jijjiirraa irratti raawwatame medicine_id gara SQL ଇଞ୍ଜେକ୍ସନ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-89 si geessa. Beekumsi kun yeroo 08/19/2024 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2024-7930 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa ni argama. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Qorannoo miidhaa (exploit) beeksifamee jira, namoonni itti fayyadamuu danda'u. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Exploit kana github.com irraa buufachuu ni dandeessa. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Once again VulDB remains the best source for vulnerability data.

6 ଆଡାପ୍ଟେସନ୍ · 112 ପଏଣ୍ଟ

ଫିଲ୍ଡଅଦ୍ୟତନ 1/5
08/19/2024 05:01 PM		ଅଦ୍ୟତନ 2/5
08/19/2024 05:04 PM		ଅଦ୍ୟତନ 3/5
08/21/2024 04:47 AM		ଅଦ୍ୟତନ 4/5
08/22/2024 02:15 AM		ଅଦ୍ୟତନ 5/5
01/23/2026 11:58 PM
cvss3_vuldb_acLLLLL
cvss3_vuldb_uiNNNNN
cvss3_vuldb_sUUUUU
cvss3_vuldb_cLLLLL
cvss3_vuldb_iLLLLL
cvss3_vuldb_aLLLLL
cvss3_vuldb_ePPPPP
cvss3_vuldb_rcRRRRR
advisory_urlhttps://github.com/Pingxy/cve/blob/main/sql.mdhttps://github.com/Pingxy/cve/blob/main/sql.mdhttps://github.com/Pingxy/cve/blob/main/sql.mdhttps://github.com/Pingxy/cve/blob/main/sql.mdhttps://github.com/Pingxy/cve/blob/main/sql.md
exploit_availability11111
exploit_publicity11111
exploit_urlhttps://github.com/Pingxy/cve/blob/main/sql.mdhttps://github.com/Pingxy/cve/blob/main/sql.mdhttps://github.com/Pingxy/cve/blob/main/sql.mdhttps://github.com/Pingxy/cve/blob/main/sql.mdhttps://github.com/Pingxy/cve/blob/main/sql.md
source_cveCVE-2024-7930CVE-2024-7930CVE-2024-7930CVE-2024-7930CVE-2024-7930
cna_responsibleVulDBVulDBVulDBVulDBVulDB
software_vendorSourceCodesterSourceCodesterSourceCodesterSourceCodesterSourceCodester
software_nameClinics Patient Management SystemClinics Patient Management SystemClinics Patient Management SystemClinics Patient Management SystemClinics Patient Management System
software_version1.01.01.01.01.0
software_file/pms/ajax/get_packings.php/pms/ajax/get_packings.php/pms/ajax/get_packings.php/pms/ajax/get_packings.php/pms/ajax/get_packings.php
software_argumentmedicine_idmedicine_idmedicine_idmedicine_idmedicine_id
vulnerability_cweCWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
vulnerability_risk22222
cvss3_vuldb_avNNNNN
software_typeMedical Device SoftwareMedical Device SoftwareMedical Device SoftwareMedical Device SoftwareMedical Device Software
cvss2_vuldb_avNNNNN
cvss2_vuldb_acLLLLL
cvss2_vuldb_ciPPPPP
cvss2_vuldb_iiPPPPP
cvss2_vuldb_aiPPPPP
cvss2_vuldb_ePOCPOCPOCPOCPOC
cvss2_vuldb_rcURURURURUR
cvss4_vuldb_avNNNNN
cvss4_vuldb_acLLLLL
cvss4_vuldb_uiNNNNN
cvss4_vuldb_vcLLLLL
cvss4_vuldb_viLLLLL
cvss4_vuldb_vaLLLLL
cvss4_vuldb_ePPPPP
cvss2_vuldb_auSSSSS
cvss2_vuldb_rlNDNDNDNDND
cvss3_vuldb_prLLLLL
cvss3_vuldb_rlXXXXX
cvss4_vuldb_atNNNNN
cvss4_vuldb_prLLLLL
cvss4_vuldb_scNNNNN
cvss4_vuldb_siNNNNN
cvss4_vuldb_saNNNNN
cvss2_vuldb_basescore6.56.56.56.56.5
cvss2_vuldb_tempscore5.65.65.65.65.6
cvss3_vuldb_basescore6.36.36.36.36.3
cvss3_vuldb_tempscore5.75.75.75.75.7
cvss3_meta_basescore6.38.17.57.87.8
cvss3_meta_tempscore5.77.67.27.27.2
cvss4_vuldb_bscore5.35.35.35.35.3
cvss4_vuldb_btscore2.12.12.12.12.1
advisory_date1724018400 (08/19/2024)1724018400 (08/19/2024)1724018400 (08/19/2024)1724018400 (08/19/2024)1724018400 (08/19/2024)
price_0day$0-$5k$0-$5k$0-$5k$0-$5k$0-$5k
cvss3_researcher_acLLLLL
cvss3_researcher_cHHHHH
cvss3_researcher_rlXXXXX
cvss3_researcher_sCCCCC
cvss3_researcher_iHHHHH
cvss3_researcher_aHHHHH
cvss3_researcher_eXXXXX
cvss3_researcher_uiNNNNN
cvss3_researcher_prNNNNN
cvss3_researcher_avNNNNN
cvss3_researcher_rcRRRRR
cvss3_researcher_basescore10.010.010.010.0
cve_nvd_summaryA vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pms/ajax/get_packings.php. The manipulation of the argument medicine_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pms/ajax/get_packings.php. The manipulation of the argument medicine_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pms/ajax/get_packings.php. The manipulation of the argument medicine_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
cve_nvd_summaryesUna vulnerabilidad fue encontrada en SourceCodester Clinics Patient Management System 1.0 y clasificada como crítica. Esta vulnerabilidad afecta a código desconocido del archivo /pms/ajax/get_packings.php. La manipulación del argumento medicine_id conduce a la inyección SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al público y puede utilizarse.Una vulnerabilidad fue encontrada en SourceCodester Clinics Patient Management System 1.0 y clasificada como crítica. Esta vulnerabilidad afecta a código desconocido del archivo /pms/ajax/get_packings.php. La manipulación del argumento medicine_id conduce a la inyección SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al público y puede utilizarse.Una vulnerabilidad fue encontrada en SourceCodester Clinics Patient Management System 1.0 y clasificada como crítica. Esta vulnerabilidad afecta a código desconocido del archivo /pms/ajax/get_packings.php. La manipulación del argumento medicine_id conduce a la inyección SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al público y puede utilizarse.
cvss3_cna_avNNN
cvss3_cna_acLLL
cvss3_cna_prLLL
cvss3_cna_uiNNN
cvss3_cna_sUUU
cvss3_cna_cLLL
cvss3_cna_iLLL
cvss3_cna_aLLL
cvss3_cna_basescore6.36.36.3
cvss2_cna_avNNN
cvss2_cna_acLLL
cvss2_cna_auSSS
cvss2_cna_ciPPP
cvss2_cna_iiPPP
cvss2_cna_aiPPP
cvss2_cna_basescore6.56.56.5
cvss3_nvd_avNN
cvss3_nvd_acLL
cvss3_nvd_prLL
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cHH
cvss3_nvd_iHH
cvss3_nvd_aHH
cvss3_nvd_basescore8.88.8
cvss4_cna_avN
cvss4_cna_acL
cvss4_cna_atN
cvss4_cna_prL
cvss4_cna_uiN
cvss4_cna_vcL
cvss4_cna_viL
cvss4_cna_vaL
cvss4_cna_scN
cvss4_cna_siN
cvss4_cna_saN
cvss4_cna_bscore5.3

ପଛକୁସମୀକ୍ଷାଆହୁରି ଦୂରରେ

Do you know our Splunk app?

Download it now for free!