Doctor Appointment System 1.0 SQL Injection [CVE-2021-27314]

March 9, 2021 Jason Davies 3306 Views 0 Comments CVE-2021-27314, Doctor Appointment System, SQL Injection Vulnerability 0 min read

CVE number = CVE-2021-27314

SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page.

The comment parameter has no input validation.

Please update in order to resolve this issue.

Further information – https://packetstormsecurity.com/files/161641/Doctor-Appointment-System-1.0-SQL-Injection.html

Jason Davies

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.

Doctor Appointment System 1.0 SQL Injection [CVE-2021-27314]

Like this:

Related Posts

Jason Davies

Leave a ReplyCancel reply

Share this:

Like this:

Related Posts

Jason Davies

Leave a ReplyCancel reply