Clinic Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload. Continue reading...