CVE-2022-3956

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-3956

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3956.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-3956

Published

2022-11-11T16:15:16.600Z

Modified

2025-11-14T13:37:20.591146Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to sql injection. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. VDB-213462 is the identifier assigned to this vulnerability.

References

Affected packages

Git / github.com/tsruban/hhims

Affected ranges

Type: GIT
Repo: https://github.com/tsruban/hhims
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

f3e48c24554247bbbb049ad0309d3b3fd1311182

Affected versions

2.*

2.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3956.json"