Pharmacy Management System SQL Injection Vulnerability

2023-05-1800:00:00

China National Vulnerability Database

www.cnvd.org.cn

pharmacy management system

sql injection

vulnerability

multilingual

login_core.php

illegal commands

sensitive data

database

0.002 Low

EPSS

Percentile

54.3%

JSON

Pharmacy Management System (MPMS) is a multilingual pharmacy management system. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which originates from the email parameter in login_core.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data.

CPENameOperatorVersion
pharmacy management system pharmacy management system veq1.0

CPE	Name	Operator	Version
	pharmacy management system pharmacy management system v	eq	1.0

0.002 Low

EPSS

Percentile

54.3%

JSON

Related for CNVD-2023-40908