CWE-89

CVE-2022-29938

February 23, 2023 by godfreyd94

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameter payment_id in interfacebillingnew_payment.php via interfacebillingpayment_master.inc.php leads to SQL injection.

CVE-2022-29979

February 23, 2023 by godfreyd94

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation.

CVE-2022-29980

February 23, 2023 by godfreyd94

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=.

CVE-2022-29981

February 23, 2023 by godfreyd94

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete.

CVE-2022-29982

February 23, 2023 by godfreyd94

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=.

CVE-2022-29983

February 23, 2023 by godfreyd94

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=.