← All advisoriesCritical severity9.8NVD Advisory· Published Mar 15, 2022· Updated Jun 17, 2026CVE-2022-25492CVE-2022-25492DescriptionHMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.Affected products2HMS/HMSdescriptionHms/hmsllm-fuzzyPatchesVulnerability mechanicsNews mentions0No linked articles in our index yet.