CVE-2020-22168: SQL Injection
First published: Tue Jun 22 2021(Updated: )
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHPGurukul Hospital Management System in PHP | =4.0 | |
| PHPGURUKUL Hospital Management System | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for PHPGurukul Hospital Management System?
The vulnerability ID for PHPGurukul Hospital Management System is CVE-2020-22168.
What is the severity level of CVE-2020-22168?
The severity level of CVE-2020-22168 is high with a score of 7.5.
What is the affected software for CVE-2020-22168?
The affected software for CVE-2020-22168 is PHPGurukul Hospital Management System in PHP v4.0.
What is the CWE ID for CVE-2020-22168?
The CWE ID for CVE-2020-22168 is CWE-89.
How can remote unauthenticated users exploit CVE-2020-22168?
Remote unauthenticated users can exploit CVE-2020-22168 by using SQL injection to obtain sensitive information from the database.
- collector/nvd-index
- collector/nvd-api
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/phpgurukul
- canonical/phpgurukul hospital management system in php
- version/phpgurukul hospital management system in php/4.0
- canonical/phpgurukul hospital management system
- version/phpgurukul hospital management system/4.0