Published on: Not Yet Published
Last Modified on: 01/27/2023 12:20:00 PM UTC
CVE-2022-48120Source: Mitre Source: NIST CVE.ORG Print: PDF
Certain versions of Hospital Management System from Hospital Management System Project contain the following vulnerability:
SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd (on March 13, 2021), allows attackers to execute arbitrary commands via the contact and doctor parameters to /search.php.
- CVE-2022-48120 has been assigned by [email protected] to track the vulnerability - currently rated as CRITICAL severity.
CVSS3 Score: 9.8 - CRITICAL
|in search.php has sql injection · Issue #32 · kishan0725/Hospital-Management-System · GitHub|| github.com |
There are currently no QIDs associated with this CVE
Exploit/POC from Github
SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fa…
Known Affected Configurations (CPE V2.3)
|Application||Hospital Management System Project||Hospital Management System||All||All||All||All|
No vendor comments have been submitted for this CVE
|@CVEreport||CVE-2022-48120 : SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693e… twitter.com/i/web/status/1…||2023-01-20 19:15:32|
|@threatmeter||CVE-2022-48120 | Hospital Management System /search.php contact/doctor sql injection (ID 32) A vulnerability was fo… twitter.com/i/web/status/1…||2023-01-21 01:50:27|