CVE-2024-7320

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 31, 2024

Updated: Aug 12, 2024

CWE ID 89

Summary

CVE-2024-7320 is a newly disclosed critical vulnerability affecting the Admin Login component of the Online Blood Bank Management System 1.0. The issue lies in the file /admin/index.php, where a SQL injection vulnerability can be triggered through the manipulation of the user argument. This vulnerability can be exploited remotely, allowing unauthorized access to sensitive data. The exploit for this vulnerability, identified as VDB-273231, has been made public and poses an immediate threat. System administrators are advised to apply patches or updates as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xXHq6A
https://www.cve.org/CVERecord?id=CVE-2024-7320
https://nvd.nist.gov/vuln/detail/CVE-2024-7320

Back to Vulnerability Database

CVE-2024-7320

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations