Doctor Appointment System 1.0 - SQL Injection

SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0. id: CVE-2021-27124 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: medium description: | SQL injection in the expertise parameter in searchresult.php in Doctor...

CVE-2026-27124

creationtimestamp| type| source ---|---|--- 2026-04-03 16:05:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mim3y7nole2z 2026-04-03 17:26:40+00:00| published-proof-of-concept| Telegram/DJsg5Qi7j92DgCP14lqfeXU4IPClBfbIww0fpCMr4ueipk0...

acpx-teams (=0.1.0), arifos (>=2026.2.22 <=2026.4.16) +58 more potentially affected by CVE-2026-27124 via fastmcp (>=3.0.0 <=3.1.1)

fastmcp PYPI version =3.0.0, =2026.2.22, =2026.3.13, =1.0.0, =0.56.0, =0.1.0, =0.3.2, =0.3.0, =1.1.0, =0.0.1, =0.0.1, =0.1.0, =0.6.1, =0.6.1, =0.6.12 and more Source cves: CVE-2026-27124 Source advisory: SNYK:PYTHON-FASTMCP-15871030...

CVE-2022-27124

Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...

CVE-2020-27124

A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service DoS condition. The vulnerability is due to improper error handling on...

CVE-2020-27124

Cisco ASA SSL/TLS DoS (CVE-2020-27124): Vulnerability in the SSL/TLS handler due to improper error handling on established SSL/TLS connections can cause an unauthenticated remote attacker to reload the device, leading to DoS. Affected products: Cisco ASA Software. Impact: device reload and servic...

CVE-2024-27124

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

CVE-2024-27124

CVE-2024-27124 is an OS command injection vulnerability affecting QNAP QTS, QuTS hero, and QuTScloud. Exploitation could allow an attacker to execute arbitrary commands over the network, with no required privileges and user interaction needed. The issue has been fixed in: QTS 5.1.3.2578+ (build 2...

CVE-2024-27124 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

CVE-2024-27124 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

CVE-2022-27124

creationtimestamp| type| source ---|---|--- 2022-04-06 00:29:17+00:00| seen| https://t.me/cibsecurity/40212...

CVE-2022-27124

Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...

CVE-2022-27124

Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...

CVE-2022-27124

CVE-2022-27124 affects Insurance Management System 1.0, with a SQL injection vulnerability exposed via the username parameter. The root cause is a flaw in input handling that allows a crafted username to manipulate SQL queries. Public documentation lists this vulnerability across multiple feeds (...

CVE-2021-27124

creationtimestamp| type| source ---|---|--- 2021-05-30 03:02:07+00:00| seen| https://t.me/pwnwikizhchannel/545...

CVE-2021-27124

SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...

CVE-2021-27124

SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...