CVE-2024-10350

4.7 MEDIUM

📋 TL;DR

This critical SQL injection vulnerability in Hospital Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the docname parameter in /admin/add-doctor.php. This affects all systems running the vulnerable version of this software, potentially compromising patient data and system integrity.

💻 Affected Systems

Products:
  • code-projects Hospital Management System
Versions: 1.0
Operating Systems: All operating systems running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of version 1.0. The /admin/add-doctor.php file is part of the standard installation.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to patient data theft, system takeover, and potential ransomware deployment across the hospital network.

🟠 Likely Case: Unauthorized access to sensitive patient records, modification of medical data, and potential privilege escalation to administrative accounts.

🟢 If Mitigated: Limited data exposure if proper input validation and database permissions are enforced, though SQL injection attempts would still be logged.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and public exploit details exist, making internet-facing instances immediate targets.
🏢 Internal Only: HIGH - Even internal systems are vulnerable to insider threats or compromised internal devices exploiting this SQL injection.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly disclosed on GitHub. Exploitation requires access to the admin interface, but the SQL injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative hospital management software or implementing custom security fixes.

🔧 Temporary Workarounds

Input Validation and Sanitization (applies to: all)

Add parameterized queries or prepared statements to /admin/add-doctor.php to prevent SQL injection.

Modify the PHP code to use PDO or mysqli prepared statements for all database queries that involve the docname parameter, so the value is passed as a bound parameter rather than concatenated into the SQL string.
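The change described above, shown as an added example that is not the project's own code: the concatenated-insert pattern the advisory implies, beside a mysqli prepared-statement version. The table name, column name and connection details are assumptions for illustration.

```php
<?php
// Added example (not code-projects' code): hardening the insert behind
// /admin/add-doctor.php with a mysqli prepared statement.
// The "doctors" table and "docname" column are assumed for illustration.

// Vulnerable pattern: the request value is spliced into the SQL text, so a
// docname containing a single quote changes the structure of the query.
function addDoctorUnsafe(mysqli $db, string $docname): bool
{
    $sql = "INSERT INTO doctors (docname) VALUES ('" . $docname . "')";
    return $db->query($sql) === true;
}

// Hardened pattern: the SQL text is fixed when the statement is prepared and
// docname travels as a bound parameter, so its content is never parsed as SQL.
function addDoctorSafe(mysqli $db, string $docname): bool
{
    // Basic validation is defence in depth; the prepared statement is what
    // actually prevents injection, regardless of the characters in the name.
    if ($docname === '' || mb_strlen($docname) > 100) {
        return false;
    }
    $stmt = $db->prepare("INSERT INTO doctors (docname) VALUES (?)");
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('s', $docname);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Usage as it would appear in the admin handler (assumed connection details).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$db = new mysqli('localhost', 'hms_user', '<db-password>', 'hms');
$db->set_charset('utf8mb4');

$docname = $_POST['docname'] ?? '';
if (!addDoctorSafe($db, $docname)) {
    http_response_code(400);
    echo 'Could not add doctor';
}
```

The same pattern applies to every other query in the admin pages that takes request input; the WAF rule below only buys time until that is done.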

Web Application Firewall Rules (applies to: all)

Block SQL injection patterns targeting the vulnerable endpoint.

Add a WAF rule that denies requests to /admin/add-doctor.php containing SQL keywords such as UNION, SELECT, INSERT, DROP, or OR 1=1. Keyword blocklists are a stopgap only: they can reject legitimate names and can be evaded, so they do not replace prepared statements.

🧯 If You Can't Patch

  • Isolate the Hospital Management System behind a reverse proxy with strict input validation
  • Implement network segmentation to limit database access from the web application server

🔍 How to Verify

Check if Vulnerable:

Test the /admin/add-doctor.php endpoint with SQL injection payloads in the docname parameter (e.g., docname=test' OR '1'='1)

Check Version:

Check the software version in the application interface or review the installation files for version markers

Verify Fix Applied:

Verify that SQL injection payloads are no longer executed: the request should be blocked or return a controlled error rather than altering the query result.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts to the admin panel followed by SQL error messages in the application or database logs
  • Unusual database queries originating from web server IP

Network Indicators:

  • HTTP POST requests to /admin/add-doctor.php containing SQL keywords in parameters
  • Abnormal database connection patterns from web application

SIEM Query:

source="web_logs" AND uri_path="/admin/add-doctor.php" AND (param="*UNION*" OR param="*SELECT*" OR param="*OR 1=1*")
