CVE-2021-45852
Projectworlds Hospital Management System v1.0 contains a privilege error allowing an unauthorized attacker to add patients without restriction via add_patient.php (and related add_ppatient.php in some references). The core issue is improper authorization for patient creation, enabling unlimited e...