Hospital Management System SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in Hospital Management System version 4. The issue arises in the 'func.php' file, where the 'password2' parameter is not properly sanitized before being used in SQL queries. This lack of sanitization allows remote attackers to manipulate database queries, potentially leading to arbitrary code execution or unauthorized information disclosure.
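
The pattern described above, next to a parameterized form that treats 'password2' strictly as data. This is an added example, not code from Hospital Management System or from the discoverer; the table and column names, the 'email' field, the database account and the HMS_DB_PASS variable are assumptions.

```php
<?php
// Added illustration: NOT the project's actual func.php. Only the parameter
// name 'password2' comes from the advisory; everything else is hypothetical.
declare(strict_types=1);

// Throw exceptions on DB errors instead of echoing SQL error text to the client.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Vulnerable pattern: request data is spliced into the SQL text, so a quote
// character in 'password2' changes the structure of the query.
function lookup_unsafe(mysqli $db, string $email, string $password2): ?array
{
    $sql = "SELECT id FROM patients WHERE email = '$email' AND password = '$password2'";
    $row = $db->query($sql)->fetch_assoc();
    return $row ?: null;
}

// Hardened form: the SQL text is constant, the lookup value is bound as a
// parameter, and the password is compared against a stored hash outside SQL.
// get_result() requires the mysqlnd driver.
function lookup_safe(mysqli $db, string $email, string $password2): ?array
{
    $stmt = $db->prepare('SELECT id, password_hash FROM patients WHERE email = ?');
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    if (!$row || !password_verify($password2, $row['password_hash'])) {
        return null; // same result for unknown user and wrong password
    }
    return ['id' => (int) $row['id']];
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $email = $_POST['email'] ?? '';
    $password2 = $_POST['password2'] ?? '';
    // Reject array-valued fields (e.g. password2[]=x) before any query runs.
    if (!is_string($email) || !is_string($password2)) {
        http_response_code(400);
        exit;
    }
    $db = new mysqli('localhost', 'hms_app', getenv('HMS_DB_PASS') ?: '', 'hms');
    $user = lookup_safe($db, $email, $password2);
    http_response_code($user ? 200 : 401);
}
```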

Impact

Exploitation of this vulnerability lets an attacker execute arbitrary SQL commands, potentially leading to unauthorized data access or modification. Additionally, according to the discoverer, this vulnerability could be exploited to execute arbitrary code.

Reproduction

To reproduce this vulnerability, send a crafted request to the application that includes a malicious payload in the 'password2' parameter. The payload should be designed to exploit the SQL injection vulnerability by manipulating the application's database queries. This can be done using a tool like Burp Suite or by manually crafting the request.

Added: Aug 7, 2025, 6:49 PM
Updated: Aug 7, 2025, 6:49 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 10.0
exploitability: 8.8
remediation: 0.0
relevance: 0.3
threat: 4.8
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.