CVE-2023-5004

CRITICAL

Hospital Management System in PHP - SQL Injection

Title source: llm
STIX 2.1

Description

Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.

Scores

CVSS v3 9.8
EPSS 0.0090
EPSS Percentile 55.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
projectworlds/hospital_management_system_in_php 2018-06-17
Published Sep 28, 2023
Tracked Since Feb 18, 2026