- Description
- Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. This vulnerability stems from inadequate validation of user inputs for the email and password parameters, allowing attackers to inject malicious SQL queries.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pharmacy\\/medical_store_point_of_sale_system_project:pharmacy\\/medical_store_point_of_sale_system:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F27B3402-54AA-4DAF-BEF4-E6E6EB9EFEC1"
}
],
"operator": "OR"
}
]
}
]