SQL Injection Vulnerability Discovered in Health Care Hospital Management System
CVE-2024-37802

8.8HIGH

Key Information:

Vendor: CodeProjects
Status: Health Care Hospital Management System
Vendor: CVE Published:; 18 June 2024

🔔 Create CodeProjects Vulnerability Alert

What is CVE-2024-37802?

A SQL injection vulnerability has been identified in the Patient Info module of CodeProjects Health Care Hospital Management System version 1.0. This vulnerability arises from improper handling of user input through the 'searvalu' parameter, allowing attackers to manipulate SQL queries. Exploiting this weakness can result in unauthorized access to sensitive patient information, potentially leading to data breaches and major security concerns within healthcare environments. Organizations using this system must prioritize assessments and remediation efforts to safeguard against this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://code-projects.org/health-care-hospital-in-php-css...

https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-20...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 18, 2024
Vulnerability Reserved
Jun 10, 2024

JSON

CodeProjects

What is CVE-2024-37802?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.