Blind SQL Injection in Contact Us Form of Doctor Appointment System 1.0

CVE-2021-27319 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via email parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.