Vulnerabilities > Remoteclinic > Remote Clinic > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-33481 | SQL Injection vulnerability in Remoteclinic Remote Clinic 2.0 RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php. | 9.8 |
| 2023-11-07 | CVE-2023-33479 | SQL Injection vulnerability in Remoteclinic Remote Clinic 2.0 RemoteClinic version 2.0 contains a SQL injection vulnerability in the /staff/edit.php file. | 9.8 |
| 2023-11-07 | CVE-2023-33478 | SQL Injection vulnerability in Remoteclinic Remote Clinic 2.0 RemoteClinic 2.0 has a SQL injection vulnerability in the ID parameter of /medicines/stocks.php. | 9.8 |
| 2023-01-20 | CVE-2022-48152 | SQL Injection vulnerability in Remoteclinic Remote Clinic 2.0 SQL Injection vulnerability in RemoteClinic 2.0 allows attackers to execute arbitrary commands and gain sensitive information via the id parameter to /medicines/profile.php. | 9.8 |