Doctor Search Script 1.0 has SQL Injection via the /list city parameter.
doctor search script project doctor search script 1.0