Multiple SQL Injection Vulnerabilities in PhpTpoint Hospital Management System

CVE-2018-18705 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.