CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-5192

HIGH
8.8
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile25.22th
Published2020年1月6日
Last Modified2024年11月21日

Vulnerability Description

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.

Affected Platforms (CPE)

📦
Phpgurukul

Hospital Management System

= 4.0

References & Advisories

🔗 https://phpgurukul.com/hospital-management-system-in-php/
🔗 https://www.exploit-db.com/exploits/47840
🔗 https://phpgurukul.com/hospital-management-system-in-php/
🔗 https://www.exploit-db.com/exploits/47840

相关漏洞威胁

CVE-2020-266299.8

A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauth...

CVE-2021-387549.8

SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php.

CVE-2018-173939.8

SQL Injection exists in HealthNode Hospital Management System 1.0 via the id parameter to dashboard/Patient/info.php or dashboard/...

CVE-2021-436289.8

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.