Cccc88

**Name of the Vulnerable Software and Affected Versions:** code-projects Online Appointment Booking System version 1.0 **Description:** A critical issue exists in code-projects Online Appointment Booking System 1.0. The vulnerability is located in an unknown part of the `/ulocateus.php` file. Manipulation of the `doctorname` argument can lead to SQL injection, allowing for remote exploitation. The exploit has been publicly disclosed. **Recommendations:** Apply a fix to address the SQL injection vulnerability in the `/ulocateus.php` file related to the `doctorname` argument.

**Name of the Vulnerable Software and Affected Versions:** code-projects Online Appointment Booking System version 1.0 **Description:** A critical vulnerability exists in code-projects Online Appointment Booking System. The vulnerability is due to a SQL injection flaw within the `/cancelbookingpatient.php` file. Manipulation of the `appointment` argument can lead to successful exploitation. This issue can be triggered remotely. The exploit for this vulnerability has been publicly disclosed. **Recommendations:** Apply necessary input validation and sanitization techniques to the `appointment` argument in the `/cancelbookingpatient.php` file.

**Name of the Vulnerable Software and Affected Versions:** code-projects Online Appointment Booking System version 1.0 **Description:** A critical issue exists in code-projects Online Appointment Booking System 1.0 related to the processing of the `/getDay.php` file. Manipulation of the `cidval` argument can lead to SQL injection. This issue can be exploited remotely. The exploit has been publicly disclosed. **Recommendations:** At the moment, there is no information about a newer version that contains a fix for this vulnerability.