N/A

An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

N/A

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

OpenClinic GA SQL注入漏洞

OpenClinic GA是一套开源的医院信息管理系统。该系统支持财务管理、临床管理和实验室管理等功能。 OpenClinic GA 5.173.3 存在SQL注入漏洞，该漏洞源于manageServiceStocks.jsp页面，攻击者可以发出经过身份验证的HTTP请求来触发此漏洞。

N/A

N/A