Blind SQL Injection Vulnerability in Doctor Appointment System 1.0's contactus.php
CVE-2021-27315 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.