Filtered by vendor Hospital Management System Project
Subscribe
Filtered by product Hospital Management System
Subscribe
Total
39 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-27420 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php. | |||||
CVE-2022-27413 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php. | |||||
CVE-2022-27299 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php. | |||||
CVE-2022-26546 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
Hospital Management System v1.0 was discovered to lack an authorization component, allowing attackers to access sensitive information and obtain the admin password. | |||||
CVE-2022-25493 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php. | |||||
CVE-2022-25492 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php. | |||||
CVE-2022-25491 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 7.5 HIGH |
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php. | |||||
CVE-2022-25490 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php. | |||||
CVE-2022-25409 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php. | |||||
CVE-2022-25408 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php. | |||||
CVE-2022-25407 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php. | |||||
CVE-2022-25403 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php. | |||||
CVE-2022-25402 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files. | |||||
CVE-2022-24136 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it. | |||||
CVE-2021-44095 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database. | |||||
CVE-2021-38757 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php. | |||||
CVE-2021-38756 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through prescribe.php. | |||||
CVE-2021-38755 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. | |||||
CVE-2021-38754 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php. |