| Título | sfturing hosporder v1.0 SQL Injection |
|---|
| Descripción | There is an sql injection vulnerability in the function point for querying hospital data at the front desk. Attackers can execute sql statements through the function point without authorization. |
|---|
| Fuente | ⚠️ https://github.com/sfturing/hosp_order/issues/110 |
|---|
| Usuario | bi8bu (UID 84151) |
|---|
| Sumisión | 2025-06-20 06:52 (hace 1 Año) |
|---|
| Moderación | 2025-06-27 08:02 (7 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 314082 [sfturing hosp_order hasta 627f426331da8086ce8fff2017d65b1ddef384f8 HospitalServiceImpl.java findAllHosByCondition hospitalName inyección SQL] |
|---|
| Puntos | 16 |
|---|