CVE-2023-7172

HIGH LAB

PHPGurukul Hospital Management System 1.0 - SQL Injection in Admin Dashboard

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-7172. PoCs published by sharathc213.

AI-analyzed exploit summary This repository provides a functional proof-of-concept for CVE-2023-7172, demonstrating an SQL injection vulnerability in the admin login page of Hospital Management System 1.0. The exploit uses a crafted username input to bypass authentication.

Description

A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Dashboard. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249356.

Exploits (1)

nomisec WORKING POC 6 stars
by sharathc213 · poc
https://github.com/sharathc213/CVE-2023-7172

This repository provides a functional proof-of-concept for CVE-2023-7172, demonstrating an SQL injection vulnerability in the admin login page of Hospital Management System 1.0. The exploit uses a crafted username input to bypass authentication.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Hospital Management System 1.0
No auth needed
Prerequisites: Access to the admin login page
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory vdb-entry
https://vuldb.com/?id.249356
Permissions Required, Third Party Advisory signature permissions-required
https://vuldb.com/?ctiid.249356
Exploit, Third Party Advisory exploit
https://github.com/sharathc213/CVE-2023-7172

Scores

CVSS v3 7.3
EPSS 0.0146
EPSS Percentile 70.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Lab Environment

COMMUNITY SUSPICIOUS
Community Lab
docker pull mysql:8.0

Details

CWE
CWE-89
Status published
Products (1)
phpgurukul/hospital_management_system 1.0
Published Dec 30, 2023
Tracked Since Feb 18, 2026