CVE-2023-4179 – SourceCodester Free Hospital Management System for Small Practices sql injection

https://notcve.org/view.php?id=CVE-2023-4179

A vulnerability classified as critical has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected is an unknown function of the file /vm/doctor/doctors.php?action=view. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. • https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/SQL%20Injection%20in%20doctors.php/vuln.md https://vuldb.com/?ctiid.236214 https://vuldb.com/?id.236214 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •