Skip to content

VULNERABLE: SQL Injection exists in Hospital-Management-System. An attacker can inject query in “/Hospital-Management-System-master/contact.php" via the ‘txtMsg’ parameters. #18

Open
@liangyueliangyue

Description

@liangyueliangyue

image

Intercept contact info and save contents into a text file(1.txt).
image

Run SQLmap

python3 .\sqlmap.py -r .\1.txt

image

Area of concern in contact.php
image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions