Hospital Management Center is a web system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. hospital Management Center is vulnerable to a SQL injection vulnerability that originates in an unknown function in the file patient-info.php Lack of validation of external input SQL statements for the parameter pt_id. An attacker could exploit the vulnerability to execute illegal SQL commands to steal sensitive database data.