CVE-2018-18705 – PHPTPoint Hospital Management System 1 SQL Injection
https://notcve.org/view.php?id=CVE-2018-18705
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php. PhpTpoint hospital management system sufre de múltiples vulnerabilidades de inyección SQL mediante el parámetro user en index.php asociado a LOGIN.php, o el parámetro rno en ALIST.php, DUNDEL.php, PDEL.php o PUNDEL.php. PHPTPoint Hospital Management System version 1 suffers from remote SQL injection vulnerabilities. • https://packetstormsecurity.com/files/149942/PHPTPoint-Hospital-Management-System-1-SQL-Injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •