Unauthorized Access in Projectworlds Hospital Management System
CVE-2021-45852

5.3MEDIUM

Key Information:

Vendor: Projectworlds
Status: Hospital Management System In PHP
Vendor: CVE Published:; 16 March 2022

🔔 Create Projectworlds Vulnerability Alert

What is CVE-2021-45852?

An issue was identified in the Projectworlds Hospital Management System version 1.0 that enables unauthorized users to add patient records through the add_patient.php endpoint without any restrictions. This vulnerability poses a significant risk to patient data integrity and confidentiality, making it essential for users to implement necessary security measures.

References

https://github.com/projectworldsofficial/hospital-managem...

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 16, 2022
Vulnerability Reserved
Dec 27, 2021