Lucene search
China National Vulnerability DatabaseCNVD-2022-68944HistoryMay 30, 2022 - 12:00 a.m.
Sourcecodesterk Doctor Appointment System SQL Injection Vulnerability
2022-05-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
sourcecodesterk
doctor appointment
sql injection
vulnerability
open source
application
appointment function
version 1.0
search_result.php
expertise parameter
database credentials
cnvd
EPSS
0.049
Percentile
92.9%
Sourcecodesterk Doctor Appointment System is an open source application from Sourcecodesterk. Provides an appointment function. Sourcecodesterk Doctor Appointment System version 1.0 contains a SQL injection vulnerability, which stems from the program does not adequately filter the search_result.php for the expertise parameter, an attacker can use SQL injection attacks to dump database credentials.
Related
cve
cve
CVE-2021-27124
2021-02-18 04:15:11
cvelist
cvelist
CVE-2021-27124
2021-02-18 03:06:44
nuclei
nuclei
Doctor Appointment System 1.0 - SQL Injection
2023-06-05 07:03:16
prion
prion
Sql injection
2021-02-18 04:15:00
nvd
nvd
CVE-2021-27124
2021-02-18 04:15:11