6 matches found
CVE-2020-26630
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the 'Doctor Specialization' field under the 'Go to Doctors' tab after logging in as an admin...
CVE-2020-26630
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the 'Doctor Specialization' field under the 'Go to Doctors' tab after logging in as an admin...
CVE-2020-26630
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the 'Doctor Specialization' field under the 'Go to Doctors' tab after logging in as an admin...
CVE-2020-26630
CVE-2020-26630 describes a Time-Based SQL Injection in Hospital Management System v4.0 where an attacker with admin login can cause the application to dump database information via a payload in the Doctor Specialization field (Go to Doctors). The root cause is an injectable input in that field wh...
Hospital Management System 4.0 XSS / Shell Upload / SQL Injection
Description: Mutiple vulnerabilties were discovered in Hospital Management System Affected CMS: Hospital Management System Affected Version: unread query - type something in admin remark e.g test and submit Step 3. Replace the POST body to below payload and server will respond after 5 second...
Hospital Management System 4.0 XSS / Shell Upload / SQL Injection Vulnerabilities
Hospital Management System versions 4.0 and below suffer from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities. Description: Mutiple vulnerabilties were discovered in Hospital Management System Affected CMS: Hospital Management System Affected Version: unread...