Submit #45257: Clinic's Patient Management System - index.php 'user_name' SQL injectinfo

TitelClinic's Patient Management System - index.php 'user_name' SQL inject
BeschreibungThe reason for the SQL injection vulnerability is that the website application does not verify the validity of the data submitted by the user to the server (type, length, business parameter validity, etc.), and does not effectively filter the data input by the user with special characters , so that the user's input is directly brought into the database for execution, which exceeds the expected result of the original design of the SQL statement, resulting in a SQL injection vulnerability.Clinic's Patient Management System does not filter the content correctly at the "index.php /user_name" parameter, resulting in the generation of SQL injection.
Quelle⚠️ https://github.com/joinia/webray.com.cn/blob/main/Clinic's-Patient-Management-System/cpms.md
Benutzer
 joinia (UID 24916)
Einreichung04.09.2022 12:39 (vor 4 Jahren)
Moderieren04.09.2022 16:42 (4 hours later)
StatusAkzeptiert
VulDB Eintrag207847 [SourceCodester Clinics Patient Management System Login index.php user_name SQL Injection]
Punkte20

Do you know our Splunk app?

Download it now for free!