CVE-2021-27124
MEDIUM
6.5
Our Analysis: Environment Specific
Our model has classified this vulnerability as relevant to Environment Specific Systems, helping your team prioritize efforts effectively.
Published Date
February 18, 2021
Last Modified
November 21, 2024
CVSS Vector
Not Available
Description
SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack.