以下是根据你提供的信息从网页截图中归纳出的关于漏洞的关键信息,以简洁的markdown格式表示: SQL Injection Vulnerability (CWE-89) Summary A critical SQL Injection (SQLi) vulnerability exists within the script, specifically in the deleting doctor logic. This flaw can lead to severe impacts, including Data Exposure, Data Corruption, and potential Server-Side Code Execution. Vulnerable Component and Context File: Vulnerable Code: Proof of Concept (PoC) The vulnerability is triggered by manipulating the parameter. Attackers can append SQL control characters to break out of the string context. Malicious Payload Impact Server-Side Code Execution Data Exposure