Submit #601698: PHPGurukul Hospital Management System 4.0 Cross Site Scriptinginfo

Titel	PHPGurukul Hospital Management System 4.0 Cross Site Scripting
Beschreibung	A time-based blind and Union SQL injection vulnerability exists in the searchdata parameter of Hospital Management System v4.0, allowing remote attackers to execute arbitrary SQL commands by triggering with union and time delays in the database response.
Quelle	⚠️ https://github.com/Ant1sec-ops/HMS4.0-Avdisories/blob/main/Union-based-sqli-on-doctor-search/exploit.md
Benutzer	Subhash Paudel (UID 66830)
Einreichung	20.06.2025 21:04 (vor 10 Monaten)
Moderieren	24.06.2025 10:14 (4 days later)
Status	Akzeptiert
VulDB Eintrag	313742 [PHPGurukul Hospital Management System 4.0 /doctor/search.php searchdata SQL Injection]
Punkte	17