10 matches found
CVE-2025-70062
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
CVE-2025-70062
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
CVE-2025-70062
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
PT-2026-20481
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
CVE-2025-70062
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
PHPGurukul Hospital Management System 安全漏洞
PHPGurukul Hospital Management System is a hospital management system developed by PHPGurukul company, based on PHP and MySQL. The PHPGurukul Hospital Management System v4.0 version has a security vulnerability. This vulnerability stems from the lack of cross-site request forgery token verificati...
CVE-2025-70062
CVE-2025-70062 affects PHPGurukul Hospital Management System v4.0. A CSRF vulnerability exists in the Add Doctor module where the add-doctor.php endpoint does not enforce CSRF token validation. This allows an attacker to cause an authenticated administrator to visit a crafted page, potentially cr...
CVE-2025-56212
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter...
PHPGurukul Hospital Management System 安全漏洞
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the docname parameter of add-doctor.php. No details of the...
CVE-2024-10350
A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulation of the argument docname leads to sql injection. The attack can be initiated remotely. The exploi...