CVE-2020-22168

Name of the Vulnerable Software and Affected Versions PHPGurukul Hospital Management System in PHP version 4.0

Description The issue allows remote unauthenticated users to exploit a SQL injection vulnerability in the hmschange-emaild.php file to obtain sensitive database information.

Recommendations For PHPGurukul Hospital Management System in PHP version 4.0, consider restricting access to the hmschange-emaild.php file until a patch is available. As a temporary workaround, avoid using the vulnerable file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.