| Title | Electronic Medical Records System-register.php-Sqlinjection |
|---|
| Description | Electronic Medical Records System-register.php-Sqlinjection
There is a receiving pconsultation parameter in the Register file, and it is directly entered into the UPDATE statement without any filtering. Therefore, it can be used by attackers to steal sensitive data.
Detailed instructions:https://github.com/Hanfu-l/Cve-vulnerability-mining/blob/main/Electronic%20Medical%20Records%20System/Electronic%20Medical%20Records%20System-register.php-Sqlinjection.pdf |
|---|
| Source | ⚠️ https://github.com/Hanfu-l/Cve-vulnerability-mining/blob/main/Electronic%20Medical%20Records%20System/Electronic%20Medical%20Records%20System-register.php-Sqlinjection.pdf |
|---|
| User | Hanfu (UID 30648) |
|---|
| Submission | 08/06/2022 12:23 (4 years ago) |
|---|
| Moderation | 08/06/2022 18:55 (7 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 205816 [SourceCodester Electronic Medical Records System UPDATE Statement register.php pconsultation sql injection] |
|---|
| Points | 20 |
|---|