drew-byte/OnlineClinicManagementSystem_TimeBasedSQLi_PoC
GitHub
Releases0
This flaw enables attackers to manipulate SQL queries and exfiltrate sensitive data (e.g., administrative credentials), which can lead to complete system compromise.
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 6.3 MEDIUM | 6.5 MEDIUM | ||
A flaw has been found in itsourcecode Online Clinic Management System 1.0. This vulnerability affects unknown code of the file /editp2.php. Executing manipulation of the argument id/firstname/lastname/type/age/address can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used. | |||