Show filters
131 Total Results
Displaying 71-80 of 131
Sort by:
Attacker Value
Unknown

CVE-2022-42205

Disclosure Date: October 21, 2022 (last updated November 15, 2023)
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via add-patient.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-33880

Disclosure Date: September 29, 2022 (last updated February 24, 2025)
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-38637

Disclosure Date: September 13, 2022 (last updated February 24, 2025)
Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-34590

Disclosure Date: July 20, 2022 (last updated February 24, 2025)
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-32095

Disclosure Date: July 01, 2022 (last updated February 24, 2025)
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-32094

Disclosure Date: July 01, 2022 (last updated February 24, 2025)
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-32093

Disclosure Date: July 01, 2022 (last updated February 24, 2025)
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-44095

Disclosure Date: June 02, 2022 (last updated February 23, 2025)
A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-30516

Disclosure Date: May 26, 2022 (last updated February 23, 2025)
In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-30012

Disclosure Date: May 16, 2022 (last updated February 23, 2025)
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >