A SQL injection vulnerability exists in the SourceCodester PQMS (Patient Queue Management System) 1.0 in the api_patient_schedule.php endpoint. The appointmentID parameter is not properly sanitized, allowing attackers to execute arbitrary SQL commands.
Add your gear to cvedb and we'll alert you only when pamzey ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.