CVE-2025-63497
The patient prescription viewing functionality in hisdocviewsinglepatient.php of rickxy Hospital Management System version 1.0 contains an SQL injection vulnerability. The patnumber GET parameter is directly concatenated into SQL queries without proper sanitization, allowing authenticated attacke...