CVE-2023-33479

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 7, 2023

Updated: Nov 14, 2023

CWE ID 89

Summary

CVE-2023-33479 is a newly disclosed vulnerability affecting RemoteClinic version 2.0. This issue allows remote attackers to inject malicious SQL queries into the /staff/edit.php file, potentially gaining unauthorized access to sensitive data or making unintended modifications. Successful exploitation could lead to significant data breaches or system compromise. Users are strongly urged to apply available patches promptly to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tT1oLg
https://www.cve.org/CVERecord?id=CVE-2023-33479
https://nvd.nist.gov/vuln/detail/CVE-2023-33479

Back to Vulnerability Database

CVE-2023-33479

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations