Описание
SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:patient_appointment_scheduler_system_project:patient_appointment_scheduler_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00264
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
около 4 лет назад
SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php.
EPSS
Процентиль: 50%
0.00264
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89