Lucene search
K

927 matches found

Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.18 views

PT-2026-26566

A vulnerability was detected in itsourcecode Online Doctor Appointment System 1.0. This issue affects some unknown processing of the file /admin/appointment action.php. The manipulation of the argument appointment id results in sql injection. The attack can be launched remotely. The exploit is no...

5.8CVSS5.8AI score0.00321EPSS
Exploits1References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/13 12:40 a.m.5 views

Malicious code in f0-service-address-doctor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fb126414f1575e7289915e4edd746dbac3d039a0a433f5069309acc281e7892 The package f0-service-address-doctor was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/13 12:40 a.m.3 views

MAL-2026-1378 Malicious code in f0-service-address-doctor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fb126414f1575e7289915e4edd746dbac3d039a0a433f5069309acc281e7892 The package f0-service-address-doctor was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
EUVD
EUVD
added 2026/03/12 6:31 a.m.6 views

EUVD-2026-11527

A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctoraction.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been made publ...

7.5CVSS5.7AI score0.00379EPSS
Exploits1References6
NVD
NVD
added 2026/03/12 5:16 a.m.4 views

CVE-2026-3981

A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctoraction.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been made publ...

9.8CVSS0.00379EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/12 4:32 a.m.35 views

CVE-2026-3981 itsourcecode Online Doctor Appointment System doctor_action.php sql injection

A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctoraction.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been made publ...

7.5CVSS0.00379EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/12 4:32 a.m.3 views

CVE-2026-3981 itsourcecode Online Doctor Appointment System doctor_action.php sql injection

A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctoraction.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been made publ...

7.5CVSS5.7AI score0.00379EPSS
Exploits1References5
CVE
CVE
added 2026/03/12 4:32 a.m.14 views

CVE-2026-3981

The CVE-2026-3981 entry concerns itsourcecode Online Doctor Appointment System 1.0. The affected component is an unknown function in /admin/doctor_action.php where manipulating the argument ID triggers a SQL injection. Remote exploitation is possible, and public exploits have been released. Multi...

9.8CVSS6.9AI score0.00379EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/12 4:2 a.m.34 views

CVE-2026-3980 itsourcecode Online Doctor Appointment System patient_action.php sql injection

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

7.5CVSS0.00379EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/12 4:2 a.m.2 views

CVE-2026-3980 itsourcecode Online Doctor Appointment System patient_action.php sql injection

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

7.5CVSS6.9AI score0.00379EPSS
Exploits1References5
CVE
CVE
added 2026/03/12 4:2 a.m.15 views

CVE-2026-3980

CVE-2026-3980 affects the itsourcecode Online Doctor Appointment System 1.0. The vulnerability is in the /admin/patient_action.php routine, where manipulating the argument patient_id enables an SQL injection. It can be exploited remotely, and public disclosure is noted; exploitation status varies...

9.8CVSS6.9AI score0.00379EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.7 views

PT-2026-24919

🚨 CVE-2026-3980 A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patient action.php. Such manipulation of the argument patient id leads to sql injection. The attack may be launched remotely. The exploit has be...

9.8CVSS6.9AI score0.00379EPSS
Exploits1References13
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.7 views

itsourcecode Online Doctor Appointment System SQL注入漏洞

itsourcecode Online Doctor Appointment System is an open-source online doctor appointment system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability; this vulnerability arises from incorrect handling of the parameter ID in the file admin/doctoraction.php, which...

9.8CVSS7.1AI score0.00379EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.8 views

PT-2026-24920

🚨 CVE-2026-3981 A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctor action.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit h...

9.8CVSS6.9AI score0.00379EPSS
Exploits1References12
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.12 views

itsourcecode Online Doctor Appointment System SQL注入漏洞

itsourcecode Online Doctor Appointment System is an open-source online doctor appointment system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from incorrect handling of the patientid parameter in the file admin/patientaction.php. This...

9.8CVSS7.2AI score0.00379EPSS
Exploits1References5
CVE
CVE
added 2026/03/05 5:54 a.m.12 views

CVE-2026-28043

CVE-2026-28043 : WordPress vulnerability in ThemeREX Healer (Doctor, Clinic & Medical WordPress Theme)

9.8CVSS5.9AI score0.00404EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/02 11:28 a.m.5 views

WordPress Healer - Doctor, Clinic & Medical WordPress Theme theme <= 1.0.0 - Local File Inclusion vulnerability

WordPress Healer - Doctor, Clinic & Medical WordPress Theme theme = 1.0.0 - Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Healer - Doctor, Clinic & Medical WordPress Theme versions = 1.0.0...

9.8CVSS5.9AI score0.00404EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/28 7:47 a.m.14 views

CVE-2026-3302

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

6.1CVSS4.2AI score0.00359EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/27 9:30 a.m.8 views

EUVD-2026-9004

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

6.1CVSS4.2AI score0.00359EPSS
Exploits1References6
OSV
OSV
added 2026/02/27 7:17 a.m.4 views

CVE-2026-3302

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...

6.1CVSS4AI score0.00359EPSS
Exploits1References5
Rows per page
Query Builder