Lucene search
+L

479 matches found

CNNVD
CNNVD
added 2026/03/12 12:0 a.m.8 views

itsourcecode Online Doctor Appointment System SQL注入漏洞

itsourcecode Online Doctor Appointment System is an open-source online doctor appointment system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability; this vulnerability arises from incorrect handling of the parameter ID in the file admin/doctoraction.php, which...

9.8CVSS7.1AI score0.00379EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/02/28 7:47 a.m.14 views

CVE-2026-3302

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

6.1CVSS4.2AI score0.00359EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/27 9:30 a.m.10 views

EUVD-2026-9004

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

6.1CVSS4.2AI score0.00359EPSS
Exploits1References6
NVD
NVD
added 2026/02/27 7:17 a.m.9 views

CVE-2026-3302

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

6.1CVSS0.00359EPSS
Exploits1References5
OSV
OSV
added 2026/02/27 7:17 a.m.5 views

CVE-2026-3302

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

6.1CVSS4AI score0.00359EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/02/27 6:2 a.m.6 views

CVE-2026-3302 SourceCodester Doctor Appointment System Sign Up register.php cross site scripting

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

5.3CVSS4.2AI score0.00359EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/27 6:2 a.m.4 views

CVE-2026-3302

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

6.1CVSS4.2AI score0.00359EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/02/27 6:2 a.m.30 views

CVE-2026-3302 SourceCodester Doctor Appointment System Sign Up register.php cross site scripting

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

5.3CVSS0.00359EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.8 views

SourceCodester Doctor Appointment System 代码注入漏洞

SourceCodester Doctor Appointment System is an open-source application developed by SourceCodester. It provides a scheduling feature. Version 1.0 of the SourceCodester Doctor Appointment System has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter...

6.1CVSS5.7AI score0.00359EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.16 views

PT-2026-22304

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

5.3CVSS4.2AI score0.00359EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-40945

Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php...

9.8CVSS8.1AI score0.00749EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.7 views

CVE-2021-27314

SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page...

9.8CVSS7.9AI score0.12394EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.7 views

CVE-2021-27318

Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter...

6.1CVSS5.8AI score0.01487EPSS
Exploits3References1
CNVD
CNVD
added 2025/12/25 12:0 a.m.4 views

Online Appointment Booking System clinic parameter SQL injection vulnerability

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter clinic in the file...

9.8CVSS8.3AI score0.00318EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/25 12:0 a.m.5 views

Online Appointment Booking System deletemanager.php File SQL Injection Vulnerability

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter managername in the file /admin/deletemanager.ph...

7.2CVSS8.3AI score0.00275EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/20 4:17 a.m.11 views

CVE-2025-14939

A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername results in sql injection. The attack may be performed from remote. The exploit has been made public...

7.2CVSS6.7AI score0.00275EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/19 6:30 a.m.6 views

EUVD-2025-204440

A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername results in sql injection. The attack may be performed from remote. The exploit has been made public...

5.8CVSS6.3AI score0.00275EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/12/18 10:37 p.m.6 views

CVE-2025-14833

A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipulation of the argument clinic results in sql injection. The attack can be initiated remotely. The...

9.8CVSS7AI score0.00318EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 12:34 a.m.4 views

EUVD-2025-204012

A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipulation of the argument clinic results in sql injection. The attack can be initiated remotely. The...

7.5CVSS6.5AI score0.00318EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/17 10:32 p.m.2 views

CVE-2025-14833 code-projects Online Appointment Booking System deletemanagerclinic.php sql injection

A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipulation of the argument clinic results in sql injection. The attack can be initiated remotely. The...

7.5CVSS6.7AI score0.00318EPSS
Exploits0References5
Rows per page
Query Builder