Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Doctormms v1.0 was discovered to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php. NOTE: this is disputed by a third party who claims that the userid is a session variable controlled by the server, and thus cannot be used for exploitation. The original reporter counterclaims that this originates from $_SESSION["userid"]=$_POST["userid"] at line 68 in doctors\doctorlogin.php, where userid under POST is not a session variable controlled by the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SourceCodester Doctor Appointment System SQL注入漏洞
Vulnerability Description
SourceCodester Doctor Appointment System是美国SourceCodester公司的一个应用软件。提供了一个预约功能。 SourceCodester Doctor Appointment System v1.0 版本存在SQL注入漏洞,该漏洞源于 myAppoinment.php 中的 $userid 参数包含 SQL 注入漏洞。
CVSS Information
N/A
Vulnerability Type
N/A