Unknown · Clinic'S Patient Management System · CVE-2022-36609
**Name of the Vulnerable Software and Affected Versions**
Clinic's Patient Management System version 1.0
**Description**
A SQL injection issue was found in the system, specifically via the `id` parameter at the "/pms/update patient.php" API endpoint.
**Recommendations**
For Clinic's Patient Management System version 1.0, consider restricting access to the "/pms/update patient.php" endpoint until a patch is available, and avoid using the `id` parameter in this endpoint to minimize the risk of exploitation.