CVE-2023-41528

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters...

CVE-2023-41528

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters...

PT-2025-32297 · Unknown · Hospital Management System

Name of the Vulnerable Software and Affected Versions: Hospital Management System version 4 Description: The Hospital Management System is susceptible to multiple SQL injection flaws within the contact.php file. These flaws are triggered through the txtname, txtphone, and txtmail parameters...

CVE-2023-41528

CVE-2023-41528 concerns Hospital Management System v4, where the component in question is the file/endpoint responsible for contact handling. The vulnerability is described as multiple SQL injection flaws in contact.php triggered by the parameters txtname, txtphone, and txtmail. According to the ...

CVE-2025-50367

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...

Hostel Management System contact.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter hostelname in the file /contact.php. An attacker can use this vulnerability to...

CVE-2025-6294

A vulnerability was found in code-projects Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /contact.php. The manipulation of the argument hostelname leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-6294 code-projects Hostel Management System contact.php sql injection

A vulnerability was found in code-projects Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /contact.php. The manipulation of the argument hostelname leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-6294 code-projects Hostel Management System contact.php sql injection

A vulnerability was found in code-projects Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /contact.php. The manipulation of the argument hostelname leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-6126

A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

CVE-2025-6126 PHPGurukul Rail Pass Management System contact.php cross site scripting

A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

CVE-2025-6126

CVE-2025-6126 — PHPGurukul Rail Pass Management System 1.0 has a cross-site scripting vulnerability in the unknown-functionality of the file /contact.php. The vulnerability is triggered by manipulating the Name parameter, enabling remote attackers to inject scripts. Public exploits exist; multipl...

CVE-2025-5361

A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. This issue affects some unknown processing of the file /contact.php. The manipulation of the argument fullname leads to sql injection. The attack may be initiated remotely. The...

CVE-2022-24646

Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters...

CVE-2014-8365

Multiple cross-site scripting XSS vulnerabilities in Xornic Contact Us allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 email parameter to contact.php or 3 PATHINFO to setup.php, related to the "PHPSELF" variable...

CVE-2019-16130

YII2-CMS v1.0 has XSS in protected\core\modules\home\models\Contact.php via a name field to /contact.html...

CVE-2017-17911

packages/core/contact.php in Archon 3.21 rev-1 has XSS in the referer parameter in an index.php?p=core/contact request, aka Open Bug Bounty ID OBB-278503...

CVE-2025-4758

The CVE-2025-4758 entry affects PHPGurukul Beauty Parlour Management System 1.1, where an unknown function in /contact.php allows manipulation of the fname parameter to trigger SQL injection. This can be exploited remotely and exploits have been disclosed publicly. Other parameters may be affecte...

CVE-2025-4758 PHPGurukul Beauty Parlour Management System contact.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Beauty Parlour Management System 1.1. Affected is an unknown function of the file /contact.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2023-33770

Real Estate Management System v1.0 was discovered to contain a SQL injection vulnerability via the message parameter at /contact.php...