phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 02 Sep 2025 19:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:*

Tue, 26 Aug 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-89
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 25 Aug 2025 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Phpgurukul
Phpgurukul hospital Management System
Vendors & Products Phpgurukul
Phpgurukul hospital Management System

Mon, 25 Aug 2025 15:15:00 +0000

Type Values Removed Values Added
Description phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-08-26T13:35:10.984Z

Reserved: 2025-08-16T00:00:00.000Z

Link: CVE-2025-56214

cve-icon Vulnrichment

Updated: 2025-08-26T13:35:05.814Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-25T15:15:41.740

Modified: 2025-09-02T18:16:11.313

Link: CVE-2025-56214

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-25T21:53:12Z