RemoteClinic 2.0 has a SQL injection vulnerability in the ID parameter of /medicines/stocks.php.
remoteclinic remote clinic 2.0