What the vulnerability does
01Description
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
CVE-2023-5004
CRITICAL
CVE-2023-5004: Hospital-management-system-in-php 378c157 - Blind SQL Injection
CVSS base score
9.8/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
September 28, 2023
CVE published
September 23, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-2999 Campcodes Online Art Gallery Management System adminHome.php sql injection
CVE-2025-6230
CVE-2019-25504 NCrypted Jobgator Lastest SQL Injection via agents Find-Jobs
CVE-2025-11610 SourceCodester Simple Inventory System brand.php sql injection
CVE-2024-1702 keerti1924 PHP-MYSQL-User-Login-System edit.php sql injection
