Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. SQL injection vulnerability exists in Projectworlds Hospital Management System version 1.0, which can be exploited by attackers via the "hms -staff.php" in "email parameter" to perform SQL injection.