A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries -> Unread Query' tab.
This Cyber News was published on www.tenable.com. Publication date: Thu, 11 Jan 2024 10:41:03 +0000