CVE-2022-34953
Pharmacy Management System v1.0 contains a SQL injection in getOrderReport.php via the startDate parameter. The root cause is lack of input validation leading to arbitrary SQL execution, enabling access to sensitive data. Affected product/component: Pharmacy Management System (MPMS) v1.0; vulnera...