A vulnerability was found in Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file his_admin_view_single_employee.php. The manipulation of the argument doc_number leads to sql injection.
This vulnerability was named CVE-2022-46498. The attack can only be done within the local network. There is no exploit available.