Code Projects · Online Hospital Management System · CVE-2026-10209
**Name of the Vulnerable Software and Affected Versions**
code-projects Online Hospital Management System version 1.0
**Description**
An issue exists in the Appointment Handler component within the `appointmentdetail.php` file. Remote manipulation of the `editid` argument allows for SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution.
**Recommendations**
Update code-projects Online Hospital Management System to a version that resolves this issue. As a temporary workaround, restrict access to the `appointmentdetail.php` file or avoid using the `editid` parameter until a fix is applied.
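An added example (not part of the original advisory or the project's code): a Python triage script that scans web server access logs for requests to `appointmentdetail.php` whose `editid` value is not a plain decimal integer, which is useful while the workaround is in place. It assumes Apache combined log format and that legitimate `editid` values are numeric record ids; the `/hms/` path and the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption (not stated in the advisory): a legitimate editid is a plain
# decimal record id, so any other value on this endpoint deserves review.
TARGET = "appointmentdetail.php"
PARAM = "editid"
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def suspicious_requests(lines):
    """Return (client, status, decoded_value) for each request to TARGET
    whose PARAM value is anything other than a decimal integer."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        client, target, status = m.group(1), m.group(2), int(m.group(3))
        url = urlsplit(target)
        # Case-insensitive match: some hosts serve PHP files regardless of case.
        if not url.path.lower().endswith("/" + TARGET):
            continue
        # parse_qs percent-decodes; keep_blank_values so "editid=" is seen.
        for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            if not re.fullmatch(r"[0-9]{1,10}", value):
                hits.append((client, status, value))
    return hits

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2026:10:00:01 +0000] "GET /hms/appointmentdetail.php?editid=14 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Jan/2026:10:02:44 +0000] "GET /hms/appointmentdetail.php?editid=14%27 HTTP/1.1" 500 310 "-" "curl/8.0"',
    '203.0.113.9 - - [01/Jan/2026:10:02:45 +0000] "GET /hms/AppointmentDetail.php?x=1&editid=abc HTTP/1.1" 200 5120 "-" "curl/8.0"',
    '198.51.100.7 - - [01/Jan/2026:10:03:10 +0000] "GET /hms/patient.php?editid=14%27 HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, status, value in suspicious_requests(SAMPLE_LOG):
        print(f"{client} status={status} {PARAM}={value!r}")
```

Access logs normally record only the query string, so an `editid` sent in a POST body is not visible to this check and would need request-body logging or a WAF rule.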