返回 CVE 瀏覽器

CVE-2021-44095

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0070%

EPSS Percentile24.77th

Published2022年6月2日

Last Modified2024年11月21日

Vulnerability Description

A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database.

Affected Platforms (CPE)

📦

Hospital Management System Project

Hospital Management System

= 1.0

References & Advisories

🔗 https://github.com/projectworldsofficial/hospital-management-system-in-php

🔗 https://github.com/projectworldsofficial/hospital-management-system-in-php/issues/1

🔗 https://medium.com/%40shubhamvpandey/cve-2021-44095-481059d14470

🔗 https://github.com/projectworldsofficial/hospital-management-system-in-php

🔗 https://github.com/projectworldsofficial/hospital-management-system-in-php/issues/1

🔗 https://medium.com/%40shubhamvpandey/cve-2021-44095-481059d14470

相關漏洞威脅

CVE-2020-266299.8

A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauth...

CVE-2021-387549.8

SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php.

CVE-2018-173939.8

SQL Injection exists in HealthNode Hospital Management System 1.0 via the id parameter to dashboard/Patient/info.php or dashboard/...

CVE-2021-436289.8

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.