CVE-2023-4444 (free_hospital_management_system_for_small_practices)

A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file vm\patient\edit-user.php. The manipulation of the argument id00/nic/oldemail/email/spec/Tele leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237565 was assigned to this vulnerability.

argument attack classified critical cve edit email exploit file free hospital injection management manipulation may nic php practices public spec sql sql injection system vulnerability