SQL Injection Vulnerability in PHPGurukul Hospital Management System
CVE-2020-22165
7.5HIGH
What is CVE-2020-22165?
The PHPGurukul Hospital Management System version 4.0 is susceptible to a SQL injection vulnerability located in the user-login.php file. This flaw allows remote unauthenticated users to manipulate SQL queries, potentially leading to unauthorized access to sensitive database information. Malicious actors can exploit this vulnerability to extract confidential data, raising significant security concerns for institutions relying on this software for hospital management.