Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts (privileged users) by tricking an authenticated administrator into visiting a malicious page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHPGurukul Hospital Management System 安全漏洞
Vulnerability Description
PHPGurukul Hospital Management System是PHPGurukul公司的一套基于PHP和MySQL的医院管理系统。 PHPGurukul Hospital Management System v4.0版本存在安全漏洞,该漏洞源于Add Doctor模块缺少跨站请求伪造令牌验证,可能导致远程攻击者创建任意医生账户。
CVSS Information
N/A
Vulnerability Type
N/A