CVE-2022-38637
Hospital Management System 1.0 is affected by a SQL injection flaw exposed via the editid parameter on /HMS/user-login.php. Exploitation can enable an attacker to read and modify database data and potentially perform unauthorized administrative actions within the affected site. The issue is repor...