CVE-2024-9817: code-projects Blood Bank System update.php sql injection
First published: Thu Oct 10 2024(Updated: )
A vulnerability was found in code-projects Blood Bank System 1.0. It has been classified as critical. This affects an unknown part of the file /update.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Blood Bank Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-9817?
CVE-2024-9817 has been classified as critical due to its potential for remote SQL injection.
How do I fix CVE-2024-9817?
To fix CVE-2024-9817, you should sanitize and validate all input parameters in the /update.php file.
What software is affected by CVE-2024-9817?
CVE-2024-9817 affects Blood Bank System version 1.0.
Can CVE-2024-9817 be exploited remotely?
Yes, CVE-2024-9817 can be exploited remotely through improper handling of input parameters.
What type of vulnerability is CVE-2024-9817?
CVE-2024-9817 is classified as an SQL injection vulnerability.
- agent/weakness
- agent/references
- agent/title
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/trending
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/blood bank system project
- canonical/blood bank management system
- version/blood bank management system/1.0