SQL Injection Vulnerability in Code-Projects Patient Record Management System
CVE-2024-9034

Currently unrated

Key Information:

Vendor
code-projects
Status
Patient Record Management System
Vendor
CVE Published:
20 September 2024

Summary

A significant security flaw has been identified in the Code-Projects Patient Record Management System version 1.0, predominantly affecting the file login.php. This vulnerability occurs through improper handling of user inputs, specifically the username parameter, which can be exploited to perform SQL injection attacks. Attackers may remotely launch this exploit, leveraging it to access sensitive information within the database. The issue has been publicly disclosed, underscoring the urgent need for users to implement security measures to safeguard their systems against potential intrusions.

References

https://vuldb.com/?id.278204
https://vuldb.com/?ctiid.278204
https://vuldb.com/?submit.411119

Timeline

  • Vulnerability published

.
CVE-2024-9034 : SQL Injection Vulnerability in Code-Projects Patient Record Management System | SecurityVulnerability.io