| Title | code-projects E-Health Care System IN PHP v1.0 SQL INJECTION |
|---|
| Description | There are unrestricted SQL injection attacks in the E-Health Care System. Controllable parameters: name .
In chat.php, there are no filter parameters, and there is no restriction on the execution of concatenated SQL statements, resulting in SQL injection vulnerabilities. You can obtain sensitive information from the database |
|---|
| Source | ⚠️ https://github.com/Xueweian/cve/blob/main/sql18.md |
|---|
| User | Xueweian (UID 77082) |
|---|
| Submission | 11/04/2024 06:32 (2 years ago) |
|---|
| Moderation | 11/04/2024 18:59 (12 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 283037 [code-projects E-Health Care System 1.0 /Doctor/chat.php name/message sql injection] |
|---|
| Points | 18 |
|---|