An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file
The vulnerability is located in the hms/doctor/edit-profile.php file and belongs to the CWE-94 (Code Injection) class. An attacker can send crafted data to the vulnerable endpoint without requiring authentication, allowing injection and execution of malicious code on the server side. The lack of requirements for privileges and user interaction (PR:N, UI:N) significantly lowers the threshold for an attacker.
An attacker can gain full control over the server — including access to sensitive patient and medical staff data, modification or deletion of data, and potential takeover of the entire application infrastructure (full impact on confidentiality, integrity, and availability).
Patches available from the manufacturer should be applied according to references. Until the patch is implemented, it is recommended to restrict access to the hms/doctor/edit-profile.php file at the firewall or web server level and monitor suspicious traffic directed to this endpoint.
Phpgurukul Hospital Management System In PHP version 4.0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPhpgurukul Hospital Management System
APPPhpgurukul4.0
Related vulnerabilities
SQL Injection w phpgurukul Hospital Management System 4.0 (add-doctor.php)
SQL Injection w phpgurukul Hospital Management System 4.0 (parametr username)
Nieograniczony upload plików w Hospital Management System V4.0
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote atta...
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Managemen...