CVE-2022-32094 PoC — Hospital Management System SQL注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-32094.yaml

Associated Vulnerability

Title:Hospital Management System SQL注入漏洞 (CVE-2022-32094)
Description:Hospital Management System（HMS）是一种计算机系统，可以帮助管理与医疗保健相关的信息，并帮助医疗保健提供者有效地完成工作。 Hospital Management System v1.0 版本存在安全漏洞，该漏洞源于 doctorlogin.php 页面的 loginid 参数存在 SQL 注入问题。

Description

Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/doctor.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.

File Snapshot


 id: CVE-2022-32094

info:
  name: Hospital Management System 1.0 - SQL Injection
  author: arafatans

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!