CVE-2024-28303

Open Source Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the date parameter at /admin/reports/index.php.

More information : https://github.com/onurkarasalihoglu/vulnerability-disclosures/blob/main/omos_sqli_exploit.py