Описание
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web server.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- Product
- ExploitIssue TrackingThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:projectworlds:hospital_management_system_in_php:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01417
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
около 4 лет назад
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web server.
EPSS
Процентиль: 80%
0.01417
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89