2024-01-10 00:00:00
mitre
PUBLISHED
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the Admin Remark parameter under the Contact Us Queries -> Unread Query tab.