CVE-2022-25003
CVE-2022-25003 concerns a SQL injection in Hospital Patient Record Management System v1.0, via the id parameter of /admin/doctors/view_doctor.php. The root cause is lack of input validation on external input, enabling attackers to manipulate SQL commands and potentially access or exfiltrate sensi...