CVE-2022-30012

Name of the Vulnerable Software and Affected Versions HMS version 0

Description The issue concerns SQL injection vulnerabilities in multiple parameters of the POST request on the appointment.php page. These vulnerabilities allow for the potential obtainment of database information through injection.

Recommendations For HMS version 0, consider restricting access to the appointment.php page until a patch is available, and avoid using vulnerable parameters in the POST request to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.