CVE Details
Basic Information
| Title |
Campcodes Online Hospital Management System contact.php sql injection |
| Type |
cve |
| Published |
2025-05-30T20:00:10.316Z |
| Last Seen |
|
Product Information
| Vendor |
Campcodes |
| Product |
Online Hospital Management System |
| Version |
1.0 |
CVSS Information
| Base Score |
6.9 (MEDIUM) |
| Attack Vector |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A critical SQL injection vulnerability exists in the contact.php file of Campcodes Online Hospital Management System version 1.0. This allows remote attackers to inject malicious SQL code via the ‘fullname’ argument, potentially leading to unauthorized data access or modification. |
| AI Severity |
High |
| Vendor |
Campcodes |
| Product |
Online Hospital Management System |
| Affected Version |
1.0 |
Additional Information
| CVE List |
|
| CWE List |
CWE-89, CWE-74 |
| Bulletin Family |
|
| Source Data |
Campcodes Online Hospital Management System 1.0 |
Source Information
| Source Data |
Campcodes Online Hospital Management System 1.0 |
| Source Link |
|
Description
A critical SQL injection vulnerability has been identified in Campcodes Online Hospital Management System version 1.0. This issue affects the contact.php file and allows remote attackers to inject malicious SQL code via the ‘fullname’ argument, potentially leading to unauthorized data access or modification.
CVSS Score Summary
View Full CVE Details
