CVE-2024-10299: PHPGurukul Medical Card Generation System Managecard View Detail Page view-card-detail.php sql injection
First published: Wed Oct 23 2024(Updated: )
A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Anujkumar Medical Card Generation System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-10299?
CVE-2024-10299 is classified as a critical vulnerability.
How do I fix CVE-2024-10299?
To mitigate CVE-2024-10299, validate and sanitize user inputs in the viewid parameter to prevent SQL injection.
What component is affected by CVE-2024-10299?
CVE-2024-10299 affects the Managecard View Detail Page in PHPGurukul Medical Card Generation System version 1.0.
What type of vulnerability is CVE-2024-10299?
CVE-2024-10299 is an SQL injection vulnerability.
Can CVE-2024-10299 be exploited remotely?
Yes, CVE-2024-10299 can potentially be exploited remotely through manipulated input.
- agent/references
- agent/title
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/severity
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/phpgurukul
- canonical/anujkumar medical card generation system
- version/anujkumar medical card generation system/1.0