SQL Injection Vulnerability in Sourcecodester Patient Appointment Scheduler System v1: Arbitrary SQL Command Execution

SQL Injection Vulnerability in Sourcecodester Patient Appointment Scheduler System v1: Arbitrary SQL Command Execution

CVE-2021-41660 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php.

Learn more about our User Device Pen Test.