Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 12 Aug 2025 08:00:00 +0000

Type Values Removed Values Added
First Time appeared Hospital Management System
Hospital Management System hospital Management System
Vendors & Products Hospital Management System
Hospital Management System hospital Management System

Mon, 11 Aug 2025 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Kishan0725
Kishan0725 hospital Management System
CPEs cpe:2.3:a:kishan0725:hospital_management_system:4.0:*:*:*:*:*:*:*
Vendors & Products Kishan0725
Kishan0725 hospital Management System

Fri, 08 Aug 2025 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-89
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 07 Aug 2025 18:00:00 +0000

Type Values Removed Values Added
Description Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-08-08T14:12:36.076Z

Reserved: 2023-08-30T00:00:00.000Z

Link: CVE-2023-41528

cve-icon Vulnrichment

Updated: 2025-08-08T14:12:12.588Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-07T18:15:29.437

Modified: 2025-08-11T14:45:05.253

Link: CVE-2023-41528

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-12T07:56:30Z