Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Doctor Appointment Booking allows PHP Local File Inclusion. This issue affects Doctor Appointment Booking: from n/a through 1.0.0.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Doctor Appointment Booking allows SQL Injection. This issue affects Doctor Appointment Booking: from n/a through 1.0.0.

SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint.

An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php.