Lucene search
+L

479 matches found

CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

SourceCodester eDoc Doctor Appointment System 安全漏洞

SourceCodester eDoc Doctor Appointment System is an open-source appointment system for doctors developed by SourceCodester. Version 1.0 of the SourceCodester eDoc Doctor Appointment System contains a security vulnerability. This vulnerability stems from incorrect parameter handling in the...

6.9CVSS6.6AI score0.00325EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/14 3:30 p.m.6 views

EUVD-2026-22271

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manageappointment.php...

2.7CVSS5.9AI score0.0019EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/14 12:0 a.m.25 views

CVE-2026-37601

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manageappointment.php...

0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/14 12:0 a.m.30 views

CVE-2026-37598

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution RCE via /scheduler/classes/SystemSettings.php?f=updatesettings...

0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-32640

CVE-2026-37600 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view details.php. https://t.co/uQ5V37C8xd...

2.7CVSS5.8AI score0.0019EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-32642

CVE-2026-37602 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manage user.php. https://t.co/KXDGr8fSPw...

2.7CVSS5.8AI score0.0019EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.10 views

PT-2026-32641

CVE-2026-37601 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage appointment.php. https://t.co/UmuQdNNj6l...

2.7CVSS5.8AI score0.0019EPSS
Exploits0References3
CVE
CVE
added 2026/04/14 12:0 a.m.9 views

CVE-2026-37601

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php. The CVE notes a database-query flaw exploitable via that PHP endpoint, but no specific impact, affected version ranges beyond v1.0, or concrete...

2.7CVSS5.9AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 12:0 a.m.11 views

CVE-2026-37602

SourceCodester Patient Appointment Scheduler System v1.0 is affected by a SQL Injection in /scheduler/admin/user/manage_user.php. The CVE reports a low-severity issue (CVSS v3.1: 2.7, LOW) with NETWORK attack vector, HIGH privileges required, and no user interaction. Impact is limited to confiden...

2.7CVSS5.9AI score0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/31 6:31 a.m.8 views

EUVD-2026-17327

A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctorsappointment/admin/ajax.php?action=savecategory. Such manipulation of the argument img leads to unrestricted upload. The attack may be...

6.5CVSS6.1AI score0.00206EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/31 6:31 a.m.8 views

EUVD-2026-17311

A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References6
NVD
NVD
added 2026/03/31 5:16 a.m.3 views

CVE-2026-5181

A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctorsappointment/admin/ajax.php?action=savecategory. Such manipulation of the argument img leads to unrestricted upload. The attack may be...

6.5CVSS0.00206EPSS
Exploits0References5
NVD
NVD
added 2026/03/31 5:16 a.m.5 views

CVE-2026-5180

A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS0.00325EPSS
Exploits0References5
NVD
NVD
added 2026/03/31 5:16 a.m.6 views

CVE-2026-5179

A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

7.5CVSS0.00259EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/31 4:45 a.m.7 views

CVE-2026-5181

A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctorsappointment/admin/ajax.php?action=savecategory. Such manipulation of the argument img leads to unrestricted upload. The attack may be...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/03/31 4:45 a.m.11 views

CVE-2026-5181

Affected software: SourceCodester Simple Doctors Appointment System (up to 1.0). Vulnerability: unrestricted upload via manipulation of the img argument in /doctors_appointment/admin/ajax.php?action=save_category. Root cause / issue: input handling flaw in the file upload path enables remote atta...

6.5CVSS6.1AI score0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/31 4:45 a.m.32 views

CVE-2026-5181 SourceCodester Simple Doctors Appointment System ajax.php unrestricted upload

A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctorsappointment/admin/ajax.php?action=savecategory. Such manipulation of the argument img leads to unrestricted upload. The attack may be...

6.5CVSS0.00206EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/31 4:0 a.m.1 views

CVE-2026-5180 SourceCodester Simple Doctors Appointment System ajax.php sql injection

A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS6.9AI score0.00325EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/31 4:0 a.m.2 views

CVE-2026-5179 SourceCodester Simple Doctors Appointment System login.php sql injection

A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

7.5CVSS7AI score0.00259EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.9 views

SourceCodester Simple Doctors Appointment System SQL注入漏洞

SourceCodester Simple Doctors Appointment System is an easy doctor appointment system developed under the open-source framework of SourceCodester. Version 1.0 of the SourceCodester Simple Doctors Appointment System has a SQL injection vulnerability. This vulnerability arises from incorrect handli...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References5
Rows per page
Query Builder