How severe is CVE-2024-6795?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-6795?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2024-6795 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database. An attacker could have submitted a crafted payload to Connex portal that could have resulted in modification and disclosure of database content and/or perform administrative operations including shutting down the database.

Related Vulnerabilities

CVE-2005-4891

CRITICAL

CVSS:9.8(Critical)

Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.

CWE-892005

CVE-2006-5603

CRITICAL

CVSS:9.8(Critical)

SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unkn...

CWE-892006

CVE-2007-10002

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/l...

CWE-892007

CVE-2007-2534

CRITICAL

CVSS:9.8(Critical)

Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a logi...

CWE-892007

CVE-2007-3652

CRITICAL

CVSS:9.8(Critical)

SQL injection vulnerability in class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same iss...

CWE-892007

CVE-2008-10003

CRITICAL

CVSS:9.8(Critical)

A vulnerability was found in iGamingModules flashgames 1.1.0. It has been classified as critical. Affected is an unknown function of the file game.php. The manipulation of the argument lid leads to sq...

CWE-892008