CVE-2024-11729 — SQL Injection in Kivicare Clinic Patient Management System

CWE-89 — SQL Injection3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.5%

top 33.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Iqonicdesign Kivicare Clinic Patient Management System Iqonic Kivicare

Timeline

PublishedDec 6

Description

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'service_list[0][service_id]' parameter of the get_widget_payment_options AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Custom-level access and above, to append additional SQL queries into alread…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5iqonicdesign/kivicare_clinic_patient_management_system3.6.4

▶NVDiqonic/kivicare3.6.5

Patches

Patch: plugins.trac.wordpress.org ↗

🔴Vulnerability Details

CVEList

KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection↗2024-12-06

▶

GHSA

GHSA-9hvm-6452-q45j: The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'service_list[0][service_id]' para↗2024-12-06

▶