Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
tsruban HHIMS Patient Portrait sql injection
Vulnerability Description
A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to sql injection. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. VDB-213462 is the identifier assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对消息或数据结构的处理不恰当
Vulnerability Title
HHIMS SQL注入漏洞
Vulnerability Description
HHIMS是TSRuban个人开发者的一个免费的开源软件系统。用于存储和检索简单的患者病历。 HHIMS存在SQL注入漏洞,该漏洞源于SVG Parser组件的scenegraph/svg_attributes.c文件未知功能,攻击者利用该漏洞可以通过操作svg_parse_preserveaspectratio函数导致内存泄漏。
CVSS Information
N/A
Vulnerability Type
N/A