Vulnerabilities > CVE-2021-45852 - Always-Incorrect Control Flow Implementation vulnerability in Projectworlds Hospital Management System in PHP 1.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

projectworlds

CWE-670

NVD

Published: 2022-03-16

Updated: 2022-07-12

Summary

An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.

Vulnerable Configurations

Part	Description	Count
Application	Projectworlds Projectworlds Hospital Management System IN PHP 1.0	1

Common Weakness Enumeration (CWE)

CWE-670 - Always-Incorrect Control Flow Implementation

References

https://github.com/projectworldsofficial/hospital-management-system-in-php/issues/6