CVE-2024-28303
Severity CVSS v4.0:
Pending analysis
Type:
CWE-89
SQL Injection
Publication date:
19/03/2024
Last modified:
31/10/2024
Description
Open Source Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the date parameter at /admin/reports/index.php.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL