PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
References
Link | Resource |
---|---|
https://github.com/itodaro/PHPGurukul_Hospital_Management_System4.0_cve | Exploit Third Party Advisory |
https://github.com/itodaro/PHPGurukul_Hospital_Management_System4.0_cve | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 05:13
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/itodaro/PHPGurukul_Hospital_Management_System4.0_cve - Exploit, Third Party Advisory |
14 Nov 2023, 16:21
Type | Values Removed | Values Added |
---|---|---|
First Time |
Phpgurukul hospital Management System
|
|
CPE | cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:* |
Information
Published : 2021-06-22 15:15
Updated : 2024-11-21 05:13
NVD link : CVE-2020-22170
Mitre link : CVE-2020-22170
CVE.ORG link : CVE-2020-22170
JSON object : View
Products Affected
phpgurukul
- hospital_management_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')