| Titel | Clinic's Patient Management System 2.0 SQLi |
|---|
| Beschreibung | It was discovered that SQL Injection techniques can be used to fool the application into authenticating without the needing valid credentials. SQL Injection vulnerabilities on login pages expose an application to unauthorized access at the administrator level, thereby severely compromising the security of the application. |
|---|
| Quelle | ⚠️ https://github.com/CyberThoth/CVE/blob/63e283e7d7dad3783237f15cdae2bb649bc1e198/CVE/Clinic's%20Patient%20Management%20System/SQLi/POC.md |
|---|
| Benutzer | cyberthoth (UID 28322) |
|---|
| Einreichung | 04.07.2022 03:06 (vor 4 Jahren) |
|---|
| Moderieren | 04.07.2022 07:10 (4 hours later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 203179 [SourceCodester Clinics Patient Management System 2.0 Login Page /pms/index.php user_name SQL Injection] |
|---|
| Punkte | 18 |
|---|