Lucene search
K

1652 matches found

Nuclei
Nuclei
added 13 hours ago10 views

PHPGurukul Hospital Management System 4.0 - SQL Injection

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain sensitive database information. id: CVE-2020-22165 info: name: PHPGurukul Hospital Management System 4.0 - SQL Injection...

7.5CVSS7.2AI score0.06348EPSS
Exploits1References2
Nuclei
Nuclei
added 13 hours ago9 views

Hospital Management System 1.0 - Cross-Site Scripting

Hospital Management System 1.0 contains a cross-site scripting vulnerability via the searchdata parameter in doctor/search.php and patient-search.php. id: CVE-2021-39411 info: name: Hospital Management System 1.0 - Cross-Site Scripting author: arafatansari severity: high description: | Hospital...

6.1CVSS6.2AI score0.0089EPSS
Exploits0References2
Nuclei
Nuclei
added 13 hours ago34 views

Hospital Management System 1.0 - SQL Injection

Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/admin.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

7.2CVSS7.2AI score0.03745EPSS
Exploits1References5
Nuclei
Nuclei
added 13 hours ago31 views

PHPGurukul Hospital Management System - Cross-Site Scripting

PHPGurukul Hospital Management System in PHP 4.0 contains multiple cross-site scripting vulnerabilities. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. id: CVE-2020-5191 info: name: PHPGurukul Hospital Management System -...

6.1CVSS6.5AI score0.0552EPSS
Exploits3References5
Nuclei
Nuclei
added 13 hours ago35 views

Hospital Management System 4.0 - SQL Injection

Hospital Management System 4.0 contains multiple SQL injection vulnerabilities because multiple pages and parameters do not validate user input. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of...

8.8CVSS7.4AI score0.1681EPSS
Exploits3References5
Nuclei
Nuclei
added 13 hours ago49 views

Hospital Management System 1.0 - SQL Injection

Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/doctor.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

9.8CVSS7.4AI score0.07537EPSS
Exploits1References4
NVD
NVD
added 3 days ago10 views

CVE-2026-13579

A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be launched remotely. The...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 3 days ago7 views

CVE-2026-13578

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 3 days ago7 views

CVE-2026-13572

A vulnerability has been found in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /insertbillingrecord.php. The manipulation of the argument patientid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS0.002EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-13579

A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be launched remotely. The...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6Affected Software1
CVE
CVE
added 3 days ago9 views

CVE-2026-13579

CVE-2026-13579 affects itsourcecode Hospital Management System 1.0. A vulnerability exists in the file /patientchangepassword.php where manipulation of the newpassword parameter can trigger a SQL injection. The issue can be exploited remotely and the exploit is publicly available (proof-of-concep...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-40123

A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be launched remotely. The...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
CVE
CVE
added 3 days ago12 views

CVE-2026-13578

CVE-2026-13578 affects itsourcecode Hospital Management System 1.0. The vulnerability is an SQL injection in the file /patientdetail.php triggered by manipulating the editid parameter. Attack vector is network-based with low complexity and no user interaction required; privileges appear to be low...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-40120

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-13578 itsourcecode Hospital Management System patientdetail.php sql injection

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References6
CVE
CVE
added 3 days ago8 views

CVE-2026-13572

The vulnerability CVE-2026-13572 affects itsourcecode Hospital Management System 1.0. The exposed flaw is in the file /insertbillingrecord.php, involving an unknown function where manipulating the argument patientid leads to a SQL injection. Attacks can be initiated remotely, and the exploit has ...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-13572 itsourcecode Hospital Management System insertbillingrecord.php sql injection

A vulnerability has been found in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /insertbillingrecord.php. The manipulation of the argument patientid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 3 days ago10 views

CVE-2026-13548

A vulnerability was identified in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might...

6.5CVSS0.002EPSS
Exploits0References6
CVE
CVE
added 3 days ago9 views

CVE-2026-13548

CVE-2026-13548 affects itsourcecode Hospital Management System 1.0. The vulnerability is in the file “/doctortimings.php” where manipulation of the argument “editid” leads to an SQL injection. Remote exploitation is possible, and a public exploit is available. Mitigation details are not provided ...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-40048

A vulnerability was identified in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Rows per page
Query Builder