CVE-2020-5192

HIGH NUCLEI

PHPGurukul Hospital Management System 4.0 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-5192. PoCs published by FULLSHADE. A Nuclei detection template is also available.

AI-analyzed exploit summary This is a detailed writeup describing SQL injection vulnerabilities in Hospital Management System 4.0, including payloads and sqlmap output for multiple endpoints. It does not contain executable exploit code but provides technical details for manual exploitation.

Description

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.

Exploits (1)

exploitdb WRITEUP VERIFIED
by FULLSHADE · textwebappsphp
https://www.exploit-db.com/exploits/47840

This is a detailed writeup describing SQL injection vulnerabilities in Hospital Management System 4.0, including payloads and sqlmap output for multiple endpoints. It does not contain executable exploit code but provides technical details for manual exploitation.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Hospital Management System v4.0
Auth required
Prerequisites: Access to vulnerable endpoints · Valid session cookie (PHPSESSID)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Hospital Management System 4.0 - SQL Injection
HIGHVERIFIEDby TenBird
Shodan: http.html:"hospital management system"
FOFA: body="hospital management system"

References (2)

Core 2
Core References
Product, Vendor Advisory x_refsource_misc
https://phpgurukul.com/hospital-management-system-in-php/
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://www.exploit-db.com/exploits/47840

Scores

CVSS v3 8.8
EPSS 0.1681
EPSS Percentile 96.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
phpgurukul/hospital_management_system 4.0
Published Jan 06, 2020
Tracked Since Feb 18, 2026