← All advisoriesHigh severity7.5NVD Advisory· Published Mar 15, 2022· Updated Jun 17, 2026CVE-2022-25491CVE-2022-25491DescriptionHMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.Affected products2HMS/HMSdescriptionHms/hmsllm-fuzzyRange: = 1.0PatchesVulnerability mechanicsNews mentions0No linked articles in our index yet.