Critical
CVSS 9.8
Overview
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.
CVE-2023-41526
Hospital Management System v4 was discovered to contain multiple SQL injection v...
Risk analysis
This vulnerability is rated 🔴 CRITICAL.
- CVSS: 9.8 (CRITICAL)
- Detected tags: sql (tag impact: MODERATE)
Recommended actions:
- Use parameterized queries/ORM (avoid string concatenation).
- Add WAF rules and input validation.