漏洞关键信息 Title: code-projects Health Center Patient Record Management System 1.0 SQL Injection Description: - An unrestricted SQL injection attack exists in patient-record-management-system-in-php in fecalysis_not.php. The parameters that can be controlled are as follows: $comp_id. This function executes the comp_id parameter into the SQL statement without any restrictions. A malicious attacker could exploit this vulnerability to obtain sensitive information in the server database. Source:  User: userg (UID 95307) Submission Date: 02/09/2026 04:45 AM Moderation Date: 02/18/2026 07:09 PM Status: Accepted VulDB Entry: code-projects Patient Record Management System 1.0 /fecalysis_not.php comp_id sql injection [346852] Points: 19