2024-01-10 00:00:00
mitre
PUBLISHED
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the Doctor Specialization field under the Go to Doctors tab after logging in as an admin.