HomePentest-Tools.com Logo

Hospital Management System 1.0 - SQL Injection CVE-2022-38637

Severity
CVSSv3 Score
9.8
Vulnerability description

Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/user-login.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n

Risk description

No risk description to display.

Recommendation

Upgrade to the latest version to mitigate this vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Sep 13, 2022
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available