CVE-2020-22172

Name of the Vulnerable Software and Affected Versions PHPGurukul Hospital Management System in PHP version 4.0

Description The issue concerns a SQL injection vulnerability located in the hmsget doctor.php file. This vulnerability can be exploited by remote unauthenticated users to obtain sensitive database information.

Recommendations For PHPGurukul Hospital Management System in PHP version 4.0, consider restricting access to the hmsget doctor.php file until a patch is available. As a temporary workaround, avoid using user-supplied input in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.