2 results (0.002 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in Pingkon HMS-PHP. It has been rated as critical. This issue affects some unknown processing of the file admin/adminlogin.php. The manipulation of the argument uname/pass leads to sql injection. The attack may be initiated remotely. • https://github.com/Pingkon/HMS-PHP/issues/1 https://vuldb.com/?id.213551 • CWE-707: Improper Neutralization •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in Pingkon HMS-PHP. Affected is an unknown function of the file /admin/admin.php of the component Data Pump Metadata. The manipulation of the argument uname/pass leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Pingkon/HMS-PHP/issues/1 https://vuldb.com/?id.213552 • CWE-707: Improper Neutralization •