| 제목 | code-projects Hospital Management System 1.0 Session Fixiation |
|---|
| 설명 | The Hospital Management System uses express-session for session management with a hardcoded and weak secret string ('secret'). The secret is used to sign session cookies, ensuring the integrity of session data. A weak or hardcoded secret allows attackers to forge session cookies, potentially bypassing authentication and impersonating other users. This vulnerability can lead to unauthorized access to sensitive patient records and administrative functions. |
|---|
| 원천 | ⚠️ https://github.com/lakshayyverma/CVE-Discovery/blob/main/Hospital%20Management%20System.md |
|---|
| 사용자 | lakshay12311 (UID 91298) |
|---|
| 제출 | 2025. 10. 10. AM 08:47 (8 개월 ago) |
|---|
| 모더레이션 | 2025. 10. 10. PM 03:59 (7 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 327932 [code-projects Hospital Management System 1.0 express-session secret 약한 암호화] |
|---|
| 포인트들 | 20 |
|---|