Critical
CVSS 9.8
Overview
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
CVE-2023-41528
Hospital Management System v4 was discovered to contain multiple SQL injection v...
Risk analysis
This vulnerability is rated 🔴 CRITICAL.
- CVSS: 9.8 (CRITICAL)
- Detected tags: sql (tag impact: MODERATE)
Recommended actions:
- Use parameterized queries/ORM (avoid string concatenation).
- Add WAF rules and input validation.