MidnightBSD

Advisories for hospital_management_center_project

CVE-2022-4012

A vulnerability classified as critical has been found in Hospital Management Center. Affected is an unknown function of the file patient-info.php. The manipulation of the argument pt_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-213786 is the identifier assigned to this vulnerability.

Products Affected

Vendor Product Version
hospital_management_center_project hospital_management_center -
CVE-2022-4013

A vulnerability classified as problematic was found in Hospital Management Center. Affected by this vulnerability is an unknown functionality of the file appointment.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213787.

Products Affected

Vendor Product Version
hospital_management_center_project hospital_management_center -