A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter.
https://twitter.com/captain__noob
https://github.com/captain-noob
https://gist.github.com/captain-noob/aff11542477ddd0a92ad8b94ec75f832