← back
CVE-2021-27320

CVE-2021-27320

18Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 9.3%
exploitation probability
9.3%top 5% of all CVEs
observed exploitation
nono source reports it
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter.
Affected products
n/a · n/a