Blind SQL Injection Vulnerability in Doctor Appointment System 1.0's contactus.php

Blind SQL Injection Vulnerability in Doctor Appointment System 1.0's contactus.php

CVE-2021-27315 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.