PHPGurukul Hospital Management System 1.0 - SQL Injection in Admin Dashboard
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2023-7172. PoCs published by sharathc213.
AI-analyzed exploit summary This repository provides a functional proof-of-concept for CVE-2023-7172, demonstrating an SQL injection vulnerability in the admin login page of Hospital Management System 1.0. The exploit uses a crafted username input to bypass authentication.
Description
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Dashboard. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249356.
Exploits (1)
This repository provides a functional proof-of-concept for CVE-2023-7172, demonstrating an SQL injection vulnerability in the admin login page of Hospital Management System 1.0. The exploit uses a crafted username input to bypass authentication.
References (4)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L