234 matches found
Doctor Appointment System 1.0 - SQL Injection
SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0. id: CVE-2021-27124 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: medium description: | SQL injection in the expertise parameter in searchresult.php in Doctor...
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter. id: CVE-2021-27320 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind S...
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter. id: CVE-2021-27315 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind...
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via lastname parameter. id: CVE-2021-27316 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind SQ...
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via email parameter. id: CVE-2021-27319 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind SQL...
Doctor Appointment System 1.0 - SQL Injection
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page. id: CVE-2021-27314 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: critical description: |...
CVE-2026-36324
SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting XSS due to improper handling of user supplied input in the user registration functionality in register.php...
CVE-2026-36324
SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting XSS due to improper handling of user supplied input in the user registration functionality in register.php...
SourceCodester Doctor Appointment System 安全漏洞
SourceCodester Doctor Appointment System is an open-source application developed by SourceCodester. It provides a scheduling feature. Version 1.0 of the SourceCodester Doctor Appointment System contains a security vulnerability. This vulnerability stems from the improper handling of user inputs...
CVE-2026-36324
SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting XSS due to improper handling of user supplied input in the user registration functionality in register.php...
PT-2026-44899
SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting XSS due to improper handling of user supplied input in the user registration functionality in register.php...
CVE-2026-36324
SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting XSS due to improper handling of user supplied input in the user registration functionality in register.php...
CVE-2026-36324
SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting XSS due to improper handling of user supplied input in the user registration functionality in register.php...
CVE-2026-36324
The CVE refers to SourceCodester Doctor Appointment System 1.0, where the XSS vulnerability originates from improper handling of user input in the user registration form (register.php). The available connected sources confirm the vulnerable component and the vulnerability type but do not provide ...
CVE-2026-9603
A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-9603
CVE-2026-9603 affects SourceCodester eDoc Doctor Appointment System 1.0. The vulnerability is due to manipulation of the ID parameter in /admin/delete-session.php, leading to missing authorization and enabling remote exploitation. Public PoC/exploit details are referenced. Vulnerability details r...
CVE-2026-5180
A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-5181
Affected software: SourceCodester Simple Doctors Appointment System (up to 1.0). Vulnerability: unrestricted upload via manipulation of the img argument in /doctors_appointment/admin/ajax.php?action=save_category. Root cause / issue: input handling flaw in the file upload path enables remote atta...
CVE-2021-27124
SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...
CVE-2021-27320
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter...