Filtered by vendor Softwebinternational
Subscriptions
Filtered by product Clinic Pro
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25473 | 1 Softwebinternational | 1 Clinic Pro | 2026-03-13 | 7.1 High |
| Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthly_expense_overview endpoint with crafted month values using boolean-based blind, time-based blind, or error-based SQL injection techniques to extract sensitive database information. | ||||
Page 1 of 1.