RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php.Referenceshttps://github.com/remoteclinic/RemoteClinic/issues/25