Overview
- Description
- A vulnerability was found in code-projects E-Health Care System 1.0 and classified as critical. This issue affects some unknown processing of the file /Doctor/chat.php. The manipulation of the argument name/message leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter "name" to be affected. But it must be assumed that the parameter "message" is affected as well.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Social media
- Hype score
- Not currently trending
🚨 CVE-2024-10809 (Published: 2024-11-05) - A critical vulnerability in the E-Health Care System affects multiple versions. Users are urged to update to the latest patch immediately to mitigate risks. Stay secure! More info: https://t.co/Mc1dM8PQcW #CyberSecurity… https://t.co/Zf
@transilienceai
9 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10809 (Published: 2024-11-05) - A high-severity vulnerability affecting CODE-PROJECTS. Ensure your systems are updated to the latest versions to mitigate risks. For detailed remediation steps, visit: https://t.co/dCk3Ge6N73. Stay secure! #CyberSecurity… https://t.co/p
@transilienceai
9 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10809 (Published: 2024-11-05) - A critical vulnerability has been identified in an unknown product. Versions affected are currently unspecified. Users are urged to check for updates and apply necessary patches immediately to mitigate risks. Stay safe! More info:… http
@transilienceai
9 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10809 A vulnerability was found in code-projects E-Health Care System 1.0 and classified as critical. This issue affects some unknown processing of the file /Doctor/chat.ph… https://t.co/0nipY2TpjA
@CVEnew
5 Nov 2024
450 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:anisha:e-health_care_system:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FF4969C-5448-45BC-BD39-8ED478474F14"
}
],
"operator": "OR"
}
]
}
]