CVE-2024-0362

Name of the Vulnerable Software and Affected Versions PHPGurukul Hospital Management System version 1.0

Description A critical vulnerability was found in the PHPGurukul Hospital Management System. The issue affects an unknown functionality of the file admin/change-password.php. The manipulation of the cpass argument leads to SQL injection.

Recommendations For PHPGurukul Hospital Management System version 1.0, consider disabling the change-password functionality in the admin panel until a patch is available. Restrict access to the admin/change-password.php file to minimize the risk of exploitation. Avoid using the cpass argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.