Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.Referenceshttps://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.htmlhttps://github.com/aznull/CVEs