SecBoard
Zurück zur CVE-Übersicht

CVE-2024-46532

CRITICAL(9.8)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score25/100 — MITTEL
  • CVSS 9.8 — Kritisch

EPSS-Score

1%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

9.8

Technische Schwere

Beschreibung

SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component.

Referenzen