Filtered by vendor Hospital Management System Project
Subscriptions
Total
41 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43909 | 2 Hospital Management System, Hospital Management System Project | 2 Hospital Management System, Hospital Management System | 2024-09-23 | 9.1 Critical |
| Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. | ||||
| CVE-2021-44095 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-04 | 9.8 Critical |
| A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database. | ||||
| CVE-2021-38756 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-04 | 6.1 Medium |
| Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through prescribe.php. | ||||
| CVE-2021-38757 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-04 | 6.1 Medium |
| Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php. | ||||
| CVE-2021-38755 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-04 | 5.3 Medium |
| Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. | ||||
| CVE-2021-38754 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-04 | 9.8 Critical |
| SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php. | ||||
| CVE-2022-48120 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd (on March 13, 2021), allows attackers to execute arbitrary commands via the contact and doctor parameters to /search.php. | ||||
| CVE-2022-46093 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 8.2 High |
| Hospital Management System v1.0 is vulnerable to SQL Injection. Attackers can gain administrator privileges without the need for a password. | ||||
| CVE-2022-38637 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page. | ||||
| CVE-2022-34590 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 7.2 High |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php. | ||||
| CVE-2022-32093 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php. | ||||
| CVE-2022-32094 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php. | ||||
| CVE-2022-32095 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php. | ||||
| CVE-2022-30449 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php. | ||||
| CVE-2022-30516 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks. | ||||
| CVE-2022-30448 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php. | ||||
| CVE-2022-30011 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability. | ||||
| CVE-2022-30012 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 7.5 High |
| In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection. | ||||
| CVE-2022-28929 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php. | ||||
| CVE-2022-27413 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-08-03 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php. | ||||