An SQL injection vulnerability was discovered in PHP Doctor Appointment System by me on 11/16/2020.
In ‘getuser.php’ file, GET parameter ‘q’ is vulnerable.
The vulnerability could allow for the improper neutralization of special elements in SQL commands and may lead to the product being vulnerable to SQL injection.