2022-05-16 12:51:32
mitre
PUBLISHED
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection.