Show filters
131 Total Results
Displaying 91-100 of 131
Sort by:
Attacker Value
Unknown

CVE-2022-25493

Disclosure Date: March 15, 2022 (last updated February 23, 2025)
HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-25492

Disclosure Date: March 15, 2022 (last updated February 23, 2025)
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-25491

Disclosure Date: March 15, 2022 (last updated February 23, 2025)
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-25490

Disclosure Date: March 15, 2022 (last updated February 23, 2025)
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-25409

Disclosure Date: February 28, 2022 (last updated February 23, 2025)
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-25408

Disclosure Date: February 28, 2022 (last updated February 23, 2025)
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-25407

Disclosure Date: February 28, 2022 (last updated February 23, 2025)
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-25403

Disclosure Date: February 24, 2022 (last updated February 23, 2025)
HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-25402

Disclosure Date: February 24, 2022 (last updated February 23, 2025)
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-24226

Disclosure Date: February 15, 2022 (last updated February 23, 2025)
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >