Key Information 1. Vulnerability ID: - VDB-281565 - CVE-2024-10298 2. Vulnerability Name: - PHPGURUKUL Medical Card Generation System 1.0 ManageCard Edit Card Detail Page EditCardDetail.php SQL Injection 3. CVSS Meta Temp Score: - 4.5 4. Current Vulnerability Price: - $0-$5k 5. CTI Interest Score: - 1.03 6. Vulnerability Description: - This vulnerability exists in unknown code within PHPGurukul Medical Card Generation System 1.0, affecting the component Managecard Edit Card Detail Page in the file /admin/edit-card-detail.php. External input can be used to construct or partially construct SQL commands, and special elements are not properly neutralized or escaped, which may alter SQL commands sent to downstream components. This impacts the confidentiality, integrity, and availability of data. 7. Vulnerability Identification: - CVE-2024-10298 8. Vulnerability Type: - SQL Injection 9. Vulnerability Impact: - Can be exploited remotely. 10. Exploit Availability: - Publicly disclosed, potentially exploitable. 11. Exploit Difficulty: - Easy to exploit. 12. Exploitation Method: - Vulnerable targets can be found by searching . 13. Recommended Mitigation: - Replace the affected component. Related Links Related Vulnerability Records: VDB-235234, VDB-235242, VDB-235677, VDB-235679 Additional Information Copyright: © 1997-2024 vuldb.com, CC BY-NC-SA Version: v18.8.2