ГлавнаяУязвимости → CVE-2024-36673
9.8критическая

CVE-2024-36673

Описание

Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. This vulnerability stems from inadequate validation of user inputs for the email and password parameters, allowing attackers to inject malicious SQL queries.

Затрагиваемое ПО
Pharmacy\/medical store point of sale system project Pharmacy\/medical store point of sale system
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/CveSecLook/cve/issues/39https://github.com/CveSecLook/cve/issues/39