Karthikg1908 Hospital Management System SQL Injection Vulnerability

A SQL injection vulnerability has been identified in Karthikg1908 Hospital Management System (HMS) version 1.0. The issue resides in user-login.php and index.php, where the application inadequately sanitizes input from the username and password POST parameters. This flaw allows remote attackers to execute arbitrary SQL queries, potentially leading to unauthorized access, privilege escalation, account takeover, or exposure of sensitive medical data.

Impact

Exploitation of this vulnerability allows for unauthenticated SQL injection, which could be used to manipulate the application's database. This could result in unauthorized access to user accounts, including those of administrators, and the exposure of confidential medical information.

Reproduction

To reproduce this vulnerability, send a POST request to the 'user-login.php' or 'index.php' endpoints with crafted SQL injection payloads in the username and password fields. The injected SQL code will be executed by the application's database, exploiting the lack of input validation. After successful exploitation, the application may redirect to the dashboard, indicating a successful login.