Filtered by vendor Doctor\'s Appointment System Project Subscriptions
Filtered by product Doctor\'s Appointment System Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-36203 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2024-08-03 6.1 Medium
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.
CVE-2022-36201 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2024-08-03 9.8 Critical
Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php.
CVE-2022-36202 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2024-08-03 9.8 Critical
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.