A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the ‘Doctor Specialization’ field under the ‘Go to Doctors’ tab after logging in as an admin.
CPE | Name | Operator | Version |
---|---|---|---|
hospital_management_system | eq | 4.0 |