| Title | Clinic's Patient Management System 2.0 SQLi |
|---|
| Description | It was discovered that SQL Injection techniques can be used to fool the application into authenticating without the needing valid credentials. SQL Injection vulnerabilities on login pages expose an application to unauthorized access at the administrator level, thereby severely compromising the security of the application. |
|---|
| Source | ⚠️ https://github.com/CyberThoth/CVE/blob/63e283e7d7dad3783237f15cdae2bb649bc1e198/CVE/Clinic's%20Patient%20Management%20System/SQLi/POC.md |
|---|
| User | cyberthoth (UID 28322) |
|---|
| Submission | 07/04/2022 03:06 (4 years ago) |
|---|
| Moderation | 07/04/2022 07:10 (4 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 203179 [SourceCodester Clinics Patient Management System 2.0 Login Page /pms/index.php user_name sql injection] |
|---|
| Points | 18 |
|---|