CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17393
https://notcve.org/view.php?id=CVE-2018-17393
SQL Injection exists in HealthNode Hospital Management System 1.0 via the id parameter to dashboard/Patient/info.php or dashboard/Patient/patientdetails.php. Existe inyección SQL en HealthNode Hospital Management System 1.0 mediante los parámetros id en dashboard/Patient/info.php o dashboard/Patient/patientdetails.php. • https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/46148 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18705 – PHPTPoint Hospital Management System 1 SQL Injection
https://notcve.org/view.php?id=CVE-2018-18705
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php. PhpTpoint hospital management system sufre de múltiples vulnerabilidades de inyección SQL mediante el parámetro user en index.php asociado a LOGIN.php, o el parámetro rno en ALIST.php, DUNDEL.php, PDEL.php o PUNDEL.php. PHPTPoint Hospital Management System version 1 suffers from remote SQL injection vulnerabilities. • https://packetstormsecurity.com/files/149942/PHPTPoint-Hospital-Management-System-1-SQL-Injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •