2 matches found
CVE-2022-36609
Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/updatepatient.php...
CVE-2022-36609
Clinic's Patient Management System v1.0 contains a SQL injection vulnerability in the id parameter of /pms/update_patient.php, due to lack of input validation for external SQL statements. The affected component is the pms update endpoint, enabling attackers to potentially execute arbitrary SQL an...