Jaynewboy

**Name of the Vulnerable Software and Affected Versions** code-projects Online Appointment Booking System version 1.0 **Description** A critical vulnerability exists in code-projects Online Appointment Booking System 1.0. The issue is a SQL injection vulnerability stemming from the manipulation of the `clinic` argument in an unknown function within the `/admin/deletedoctorclinic.php` file. This allows for remote exploitation. The exploit for this issue has been publicly disclosed. **Recommendations** code-projects Online Appointment Booking System version 1.0: Sanitize or validate the `clinic` argument to prevent SQL injection. As a temporary workaround, restrict access to the `/admin/deletedoctorclinic.php` file.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Appointment Booking System version 1.0 **Description** A critical vulnerability exists in an unknown functionality of the file `/admin/addmanagerclinic.php`. Manipulation of the `clinic` argument leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.