Search Results | AttackerKB

24 Total Results

Displaying 21-24 of 24

Attacker Value

Unknown

CVE-2021-27317

Disclosure Date: March 01, 2021 (last updated February 22, 2025)

Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.

Attacker Value

Unknown

CVE-2021-27318

Disclosure Date: March 01, 2021 (last updated February 22, 2025)

Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2021-27124

Disclosure Date: February 18, 2021 (last updated February 22, 2025)

SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2020-29283

Disclosure Date: December 02, 2020 (last updated February 22, 2025)

An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php.

Attack Vector: Network Privileges: None User Interaction: None

24 Total Results

Displaying 21-24 of 24

Unknown

CVE-2021-27317

Unknown

CVE-2021-27318

Unknown

CVE-2021-27124

Unknown

CVE-2020-29283

Quick Cookie Notification