SQL Injection Vulnerability in Admin Login Page of Doctor Appointment System 1.0

SQL Injection Vulnerability in Admin Login Page of Doctor Appointment System 1.0

CVE-2021-27314 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page.

Learn more about our User Device Pen Test.