SQL Injection Vulnerability in Care2x Open Source Hospital Information Management 2.7 Alpha via the (1) pday, (2) pmonth, and (3) pyear parameters in GET requests sent to /modules/nursing/nursing-station.php.
References
Link | Resource |
---|---|
https://securityforeveryone.com/blog/care2x-hospital-information-management-system-0-day-vulnerability-cve-2021-36351 | Third Party Advisory |
https://www.exploit-db.com/exploits/50165 | Exploit Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-06T13:08:23
Updated: 2021-08-06T13:08:23
Reserved: 2021-07-09T00:00:00
Link: CVE-2021-36351
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-08-06T14:15:07.753
Modified: 2021-08-12T20:00:46.230
Link: CVE-2021-36351
JSON object: View
Redhat Information
No data.
CWE