Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Doctor\'s Appointment System Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36201 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2024-02-28 N/A 9.8 CRITICAL
Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php.
CVE-2022-36202 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2024-02-28 N/A 9.8 CRITICAL
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.
CVE-2022-36203 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2024-02-28 N/A 6.1 MEDIUM
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024