CVE-2022-24263
CVE-2022-24263
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Proof of concept
Public proof of concept exists, but not yet automated.
CVSS —EPSS 8.2%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Lifecycle
31 Jan 2022Published on NVD
08 Feb 2022Public PoC
Weaponization speed
7 daysto first PoC
Weaponized quickly — attackers prioritized this vulnerability. Patch urgently.
Recommendation: Plan a near-term fix — a public PoC already exists.
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/165882/Hospital-Management-System-4.0-SQL-Injection.htmlunverifiedexploitdbwww.exploit-db.com/exploits/50718unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/165882/Hospital-Management-System-4.0-SQL-Injection.htmlhttps://github.com/kishan0725/Hospital-Management-System/issues/17https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-24263https://github.com/truonghuuphuc/CVEhttps://www.nu11secur1ty.com/2022/02/cve-2022-24263.html