There is no information about possible countermeasures known. By approaching the search of inurl:patientforgotpassword.php it is possible to find vulnerable targets with Google Hacking. The MITRE ATT&CK project declares the attack technique as T1505. Technical details as well as a public exploit are known. This vulnerability is handled as CVE-2023-3808. Impacted is confidentiality, integrity, and availability. The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Using CWE to declare the problem leads to CWE-89. The manipulation with an unknown input leads to a sql injection vulnerability. Affected by this issue is some unknown functionality of the file patientforgotpassword.php. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability was found in Hospital Management System 1.0 and classified as critical. The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |