PT-2026-41633

A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file update info.php of the component GET Parameter Handler. Executing a manipulation of the argument appointment no can lead to sql injection. T...

EUVD-2025-38258

A SQL injection vulnerability exists in the SourceCodester PQMS Patient Queue Management System 1.0 in the apipatientschedule.php endpoint. The appointmentID parameter is not properly sanitized, allowing attackers to execute arbitrary SQL commands...

Code-Projects Online Appointment Booking System 注入漏洞

Code-Projects Online Appointment Booking System is a Code-Projects open source online appointment booking system. Code-Projects Online Appointment Booking System version 1.0 suffers from an injection vulnerability, which originates from SQL injection due to incorrect operation of the parameter...

CVE-2025-5712

A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /appointment.php. The manipulation of the argument patient leads to sql injection. The attack can be launche...

HMS SQL注入漏洞

HMS is a computer or web-based hospital management system. version 1.0 of HMS is vulnerable to SQL injection, which stems from the presence of multiple parameters that can lead to SQL injection when requesting appointment.php using the POST method. An attacker could use this vulnerability to obta...