A vulnerability classified as critical was found in PHPGurukul Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/change-password.php. The manipulation of the argument cpass leads to sql injection.
This vulnerability is known as CVE-2024-0362. Access to the local network is required for this attack. Furthermore, there is an exploit available.