CVE-2023-4440

Summary

CVE-2023-4440 is a critical vulnerability identified in SourceCodester Free Hospital Management System for Small Practices 1.0. The issue lies within the appointment.php file, and an attacker can exploit it through manipulation of the sheduledate argument. This leads to SQL injection, allowing the attacker to gain unauthorized access to sensitive data. Remotely initiated attacks are possible, making this a significant security risk. The exploit for this vulnerability has been publicly disclosed, increasing the threat level. VDB-237561 is the identifier assigned to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.