ГлавнаяУязвимости → CVE-2024-55099
9.8критическая

CVE-2024-55099

Описание

A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter.

Затрагиваемое ПО
Phpgurukul Online nurse hiring system
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/achchhelalchauhan/phpgurukul/blob/main/SQL%20injection%20ONHP-username.pdfhttps://github.com/kuzgunaka/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-