CVE-2023-41527

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Hospital Management System version 4

Description The Hospital Management System is susceptible to a SQL injection issue through the password2 parameter within the func.php file. This allows for potential unauthorized database access or modification.

Recommendations Sanitize or validate the password2 parameter in the func.php file to prevent SQL injection attacks.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2023-41527

Affected Products

Hospital Management System

CVE-2023-41527

Weakness Enumeration

Related Identifiers

Affected Products

References · 7