PT-2022-2744 · Unknown · Hospital Management System

Published: 2022-02-15 · Updated: 2023-11-14 · CVE-2022-24226

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Hospital Management System version 4.0

Description: The issue is related to a blind SQL injection vulnerability in the register function of the Hospital Management System, specifically via the func2.php file. This vulnerability can be exploited by a remote attacker to disclose protected information. The vulnerability is due to the lack of protection of the SQL query structure.

Recommendations: For Hospital Management System version 4.0, consider disabling the register function in func2.php until a patch is available to prevent exploitation of the blind SQL injection vulnerability. Restrict access to the func2.php file to minimize the risk of information disclosure. Avoid using the register function until the issue is resolved.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2022-03259
CVE-2022-24226

Affected Products

Hospital Management System