CVE-2024-8944

Summary

CVE-2024-8944 is a critical vulnerability identified in the Hospital Management System 1.0, specifically within the file check_availability.php, which is susceptible to SQL injection through manipulation of the email argument. This issue allows for remote exploitation, posing a risk of unauthorized access and potential data compromise to organizations using this software. To remediate the vulnerability, users are advised to apply available patches as soon as they are provided by the developers or security advisories. The vulnerability has been publicly disclosed, increasing its threat level and likelihood of exploitation. The CVSS score for this vulnerability is 7.5, indicating high severity with low attack complexity and no required user interaction.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.