CVE-2024-8138

NVD Published Date: August 25, 2024 at 01:15 AM
NVD Last Modified: August 27, 2024 at 03:51 PM
Download Patch
Vulnerability ID
CVE-2024-8138
Severity
CRITICAL
Severity Score
9.8
Summary
A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Mitigation and Patches
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-89

Recent Publish

CVE-2024-8139

CVE-2024-45244

CVE-2024-8141

CVE-2024-8140

CVE-2024-8142

CVE-2024-8144

See SecOps Solution
in action

Schedule Demo