FF9118/bug_report

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-36750 ↗	Aug 10, 2022Wednesday, 10 August 2022, 20:16	9.8 CRITICAL	—
Clinic's Patient Management System v1.0 is vulnerable to SQL injection via /pms/update_user.php?id=.
CVE-2022-36270 ↗	Aug 10, 2022Wednesday, 10 August 2022, 20:16	9.8 CRITICAL	—
Clinic's Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php.