CVE-2026-10299

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...

Code-Projects Online Hospital Management System SQL Injection Vulnerability

Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. The 1.php version of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Userna...

CVE-2026-10186

Code-projects Online Hospital Management System 1.0 contains an SQL injection vulnerability in the /patient.php endpoint, triggered by manipulating the editid parameter. The flaw allows remote exploitation and has publicly disclosed exploit details. Multiple CVSS metrics across versions (e.g., CV...

CVE-2026-9355

A flaw has been found in SourceCodester Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /classes/Master.php?f=savepatienthistory. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...

CVE-2026-26462

Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation, allowing JavaScript executed in the renderer process to access Node.js APIs and execute arbitrar...

Online-Hospital-Management-System-has-SQL-Injection

Online Hospital Management System has SQL Injection vulnerabil...

CVE-2026-36388

PHPGurukal Hospital Management System v4.0 contains a stored XSS flaw in /hospital/hms/edit-profile.php. An authenticated patient can inject a script via the User Name field, which is stored and later rendered in the doctor interface. The vulnerability is caused by unsanitized input being stored ...

CVE-2026-7631

The CVE affects code-projects Online Hospital Management System 1.0, specifically the Registration Handler’s unknown function. The vulnerability arises from manipulation of the Username parameter, resulting in improper authorization. It can be exploited remotely, with public exploit availability....

CVE-2026-7631 code-projects Online Hospital Management System Registration improper authorization

A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument Username results in improper authorization. The attack can be executed remotely. The exploit has be...

Code-Projects Online Hospital Management System 安全漏洞

Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Hospital Management System contains a security vulnerability. This vulnerability stems from the handling of the parameter...

CGM CLININET SQL注入漏洞

CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a SQL injection vulnerability, which stems from the SQL injection vulnerability present in the validateOrgUnit function within the CheckUnitCodeAndKey.pl service...

CGM CLININET 安全漏洞

CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability, which stems from the absence of necessary security HTTP headers in responses. This vulnerability may lead to client-side attacks such as clickjacking, MIME...

CVE-2025-70063

The Medical History module of PHPGurukul Hospital Management System v4.0 exposes an Insecure Direct Object Reference (IDOR) vulnerability. The application does not verify that the requested viewid belongs to the currently authenticated patient, allowing an attacker to enumerate viewid values to a...

CVE-2025-70063

The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...

CVE-2026-2179 PHPGurukul Hospital Management System manage-users.php sql injection

A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be...

CVE-2026-2134

The CVE-2026-2134 entry affects PHPGurukul Hospital Management System 4.0, specifically the /hms/admin/manage-doctors.php file. The vulnerability arises from manipulation of the ID argument, leading to an SQL injection in an unknown function. This could be exploited remotely, and public disclosur...

PT-2026-5237

Name of the Vulnerable Software and Affected Versions PHPGurukul Hospital Management System version 1.0 Description A security flaw exists in PHPGurukul Hospital Management System 1.0, specifically within the Admin Dashboard Page component, related to improper authorization. The issue is located ...

CVE-2025-63719

Campcodes Online Hospital Management System 1.0 is vulnerable to SQL Injection in /admin/index.php via the parameter username...

CVE-2025-63719

Campcodes Online Hospital Management System 1.0 is vulnerable to SQL Injection in /admin/index.php via the parameter username...

CVE-2025-63719

Campcodes Online Hospital Management System 1.0 is vulnerable to SQL Injection in /admin/index.php via the parameter username...