Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The patient prescription viewing functionality in his_doc_view_single_patient.php of rickxy Hospital Management System version 1.0 contains an SQL injection vulnerability. The pat_number GET parameter is directly concatenated into SQL queries without proper sanitization, allowing authenticated attackers (doctor role) to execute arbitrary SQL queries.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hospital Management System 安全漏洞
Vulnerability Description
Hospital Management System是Pon Aravind Boominathan个人开发者的一个医院管理软件。 Hospital Management System 1.0版本存在安全漏洞,该漏洞源于文件his_doc_view_single_patient.php中GET参数pat_number未正确清理,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A