CVE-2026-5180：Simple Doctors Appointment System SQL注入

SourceCodester的Simple Doctors Appointment System 1.0存在SQL注入漏洞。该漏洞被标识为CVE-2026-5180，影响文件/admin/ajax.php?action=login2。攻击者可以通过操纵'email'参数在系统的数据库上执行恶意SQL命令来利用此漏洞。此漏洞的利用是远程的，这意味着攻击者可以从任何具有网络访问权限的位置破坏系统。根据CVSS的评估，此漏洞的严重程度评分为7.3，表明存在重大风险。功能性漏洞程序的发布增加了未来发生攻击的可能性。目前可用的信息表明，尚未发布此漏洞的官方修复程序或补丁。

Healthcare providers and clinics utilizing the Simple Doctors Appointment System version 1.0 are at immediate risk. Shared hosting environments where multiple users share the same server are particularly vulnerable, as a compromise of one user's application could potentially lead to the compromise of others. Organizations relying on this system to manage sensitive patient data are especially exposed.

• php: Examine web server access logs for requests to /admin/ajax.php?action=login2 containing unusual characters or SQL keywords in the email parameter. Use grep to search for patterns like ' OR 1=1 -- or '; DROP TABLE in the logs.

grep -i 'OR 1=1 --|'; DROP TABLE' /var/log/apache2/access.log

• generic web: Use curl to test the /admin/ajax.php?action=login2 endpoint with a malicious email payload (e.g., test' OR 1=1 [email protected]) and observe the response for SQL errors or unexpected behavior.

curl -X POST -d "email=test' OR 1=1 [email protected]&password=password" http://your-server/admin/ajax.php?action=login2

1. 2026-03-31Disclosure

   disclosure

1. 已保留2026-03-30
2. 发布日期2026-03-31
3. EPSS 更新日期2026-04-07

由于尚未发布官方修复程序，因此立即的缓解措施侧重于预防措施。强烈建议Simple Doctors Appointment System 1.0的管理员在发布更新之前暂时禁用对文件/admin/ajax.php?action=login2的访问。实施Web应用程序防火墙（WAF）可以帮助阻止SQL注入尝试。此外，建议定期对源代码进行安全审计，以识别和修复潜在的漏洞。监控服务器日志中与数据库相关的可疑活动至关重要。如果可用，请考虑升级到系统更安全的版本，这将是最高效的长期解决方案。