Hospital Management System SQL Injection Vulnerability (CNVD-2022-83601)

Hospital Management System is a hospital management system. A SQL injection vulnerability exists in Hospital Management System v1.0, which includes modules for patient information management, appointment services, and financial management. The vulnerability is related to the lack of validation of the adminname parameter in admin.php. An attacker could use this vulnerability to launch a targeted SQL injection attack against the target, compromising the security of the site system.