CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection...

7.5CVSS7.9AI score0.00289EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 1:12 a.m.•3 views

CVE-2022-23364

HMS v1.0 was discovered to contain a SQL injection vulnerability via adminlogin.php...

9.8CVSS8.3AI score0.00307EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:6 a.m.•5 views

CVE-2022-25403

HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php...

9.8CVSS8.3AI score0.00218EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:30 p.m.•2 views

CVE-2022-25492

HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php...

9.8CVSS8.3AI score0.00273EPSS

Exploits1References1

OSV•added 2022/05/16 1:15 p.m.•2 views

CVE-2022-30012

In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection...

7.5CVSS5.8AI score

Exploits0References2

ATTACKERKB•added 2022/05/16 1:15 p.m.•0 views

CVE-2022-30012

In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection...

7.5CVSS5.9AI score0.00289EPSS

Exploits1References3

Positive Technologies•added 2022/05/16 12:0 a.m.•2 views

PT-2022-19967 · Hms · Hms

Name of the Vulnerable Software and Affected Versions: HMS version 1.0 Description: The issue is related to a SQL injection vulnerability. When requesting "appointment.php" through POST, multiple parameters can lead to this vulnerability. Recommendations: For HMS version 1.0, as a temporary...

9.8CVSS9.6AI score0.0126EPSS

Exploits1References5

ATTACKERKB•added 2022/03/15 6:15 p.m.•2 views

CVE-2022-25491

HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php...

7.5CVSS5.7AI score0.00266EPSS

Exploits1References2

OSV•added 2022/03/15 6:15 p.m.•1 views

CVE-2022-25493

HMS v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via treatmentrecord.php...

6.1CVSS5.7AI score

Exploits0References1

OSV•added 2022/03/15 6:15 p.m.•0 views

CVE-2022-25492

HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php...

9.8CVSS5.8AI score0.00273EPSS

Exploits1References1

ATTACKERKB•added 2022/03/15 6:15 p.m.•0 views

CVE-2022-25493

HMS v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via treatmentrecord.php...

6.1CVSS5AI score0.00288EPSS

Exploits1References2

OSV•added 2022/02/24 3:15 p.m.•1 views

CVE-2022-25402

An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files...

9.1CVSS5.8AI score0.00544EPSS

Exploits1References1

ATTACKERKB•added 2022/02/24 3:15 p.m.•0 views

CVE-2022-25402

An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files...

9.1CVSS7.2AI score0.00544EPSS

Exploits1References2

OSV•added 2022/02/24 3:15 p.m.•1 views

CVE-2022-25403

HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php...

9.8CVSS7.3AI score

Exploits0References1

ATTACKERKB•added 2022/01/21 11:15 p.m.•2 views

CVE-2022-23364

HMS v1.0 was discovered to contain a SQL injection vulnerability via adminlogin.php...

9.8CVSS7.4AI score0.00307EPSS

Exploits1References2

ATTACKERKB•added 2022/01/21 11:15 p.m.•2 views

CVE-2022-23366

HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php...

9.8CVSS7.3AI score0.00311EPSS

Exploits4References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by