CVE-2020-29168: Online Doctor Appointment Booking System PHP and Mysql 1.0 – ‘q’ SQL Injection

An SQL injection vulnerability was discovered in PHP Doctor Appointment System by me on 11/16/2020.

In ‘getuser.php’ file, GET parameter ‘q’ is vulnerable.

The vulnerability could allow for the improper neutralization of special elements in SQL commands and may lead to the product being vulnerable to SQL injection.