CVE-2022-32337

Name of the Vulnerable Software and Affected Versions Hospital's Patient Records Management System version 1.0

Description The issue concerns a SQL Injection vulnerability via the "/hprms/admin/patients/manage patient.php" endpoint, specifically affecting the id parameter. This vulnerability allows for potential unauthorized access and manipulation of patient records.

Recommendations For Hospital's Patient Records Management System version 1.0, consider disabling access to the "/hprms/admin/patients/manage patient.php" endpoint until a patch is available, or restrict the use of the id parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.