2 matches found
CVE-2022-32348
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=deletedoctor...
CVE-2022-32348
CVE-2022-32348 affects Hospital's Patient Records Management System v1.0, where a SQL injection vulnerability exists in the /hprms/classes/Master.php?f=delete_doctor endpoint. The root cause is lack of validation of externally entered SQL statements, enabling attackers to manipulate queries and p...