How severe is CVE-2023-4440?

Medium severity. CVSS v3 base score is 6.3 out of 10.

SQL Injection in Sourcecodester Free Hospital Management System For Small Practices

CVE-2023-4440

A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been classified as critical. This affects an unknown part of the file appointment.php. The manipulation of the argument sheduledate…

Vulnerability class: SQL Injection

EPSS: 0.001 (20.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.

Affected products

Sourcecodester Free Hospital Management System For Small Practices — versions 1.0

Weakness classification (CWE)

CWE-89 — SQL Injection

References

vuldb.com/ (vdb-entry, technical-description)
vuldb.com/ (signature, permissions-required)
github.com/CookedMelon/cve/tree/master/hospital/patient (exploit)

Frequently asked questions

What is CVE-2023-4440?: CVE-2023-4440 is a medium-severity vulnerability in Sourcecodester Free Hospital Management System For Small Practices, classified under SQL Injection. CVSS score: 6.3/10. Published 2023-08-20.
How severe is CVE-2023-4440?: Medium severity. CVSS v3 base score is 6.3 out of 10.