18202818292

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Doctor Appointment System version 1.0 **Description** A security issue exists in itsourcecode Online Doctor Appointment System 1.0. The issue affects an unknown function within the `/admin/patient action.php` file. Manipulation of the `patient id` argument can lead to SQL injection. The attack can be initiated remotely, and the exploit has been publicly disclosed. **Recommendations** versions prior to 1.0

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Doctor Appointment System version 1.0 **Description** A flaw exists in itsourcecode Online Doctor Appointment System 1.0 where manipulation of the `ID` argument in the `/admin/doctor action.php` file leads to a SQL injection. Remote exploitation is possible. The exploit has been publicly released. The vulnerable component is an unknown function within the `/admin/doctor action.php` file. **Recommendations** itsourcecode Online Doctor Appointment System version 1.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.