Lucene search
K

1695 matches found

Nuclei
Nuclei
added 11 hours ago25 views

Hospital Management System 1.0 - Cross-Site Scripting

Hospital Management System 1.0 contains a cross-site scripting vulnerability via the searchdata parameter in doctor/search.php and patient-search.php. id: CVE-2021-39411 info: name: Hospital Management System 1.0 - Cross-Site Scripting author: arafatansari severity: high description: | Hospital...

6.1CVSS6.3AI score0.0089EPSS
Exploits0References2
Nuclei
Nuclei
added 11 hours ago64 views

Hospital Management System 1.0 - SQL Injection

Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/admin.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

7.2CVSS7.2AI score0.03745EPSS
Exploits1References5
Nuclei
Nuclei
added 11 hours ago70 views

Hospital Management System 1.0 - SQL Injection

Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/doctor.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

9.8CVSS7.3AI score0.07537EPSS
Exploits1References4
Nuclei
Nuclei
added 11 hours ago38 views

PHPGurukul Hospital Management System - Cross-Site Scripting

PHPGurukul Hospital Management System in PHP 4.0 contains multiple cross-site scripting vulnerabilities. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. id: CVE-2020-5191 info: name: PHPGurukul Hospital Management System -...

6.1CVSS6.6AI score0.0552EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday10 views

PHPGurukul Hospital Management System 4.0 - SQL Injection

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain sensitive database information. id: CVE-2020-22165 info: name: PHPGurukul Hospital Management System 4.0 - SQL Injection...

7.5CVSS7.1AI score0.06348EPSS
Exploits1References2
EUVD
EUVD
added yesterday8 views

EUVD-2026-41786

A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS5.8AI score0.00204EPSS
Exploits0References7
EUVD
EUVD
added yesterday6 views

EUVD-2026-41789

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS5.9AI score0.00204EPSS
Exploits0References7
NVD
NVD
added 2 days ago7 views

CVE-2026-14774

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS0.00204EPSS
Exploits0References6
NVD
NVD
added 2 days ago6 views

CVE-2026-14773

A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-14774

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2 days ago25 views

CVE-2026-14774 itsourcecode Hospital Management System paymentdischarge.php sql injection

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS0.00204EPSS
Exploits0References6
CVE
CVE
added 2 days ago10 views

CVE-2026-14773

Affects itsourcecode Hospital Management System 1.0. The vulnerability is in the /payment.php file, where manipulating the patientid parameter leads to SQL injection. It is remotely exploitable and the exploit has been made public, enabling potential attackers to weaponize it. The CVSS-based summ...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-14773

A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2 days ago5 views

CVE-2026-14731

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2 days ago5 views

CVE-2026-14730

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientprofile.php. Performing a manipulation of the argument patientname results in sql injection. The attack can be initiated remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-14731 itsourcecode Hospital Management System patientreport.php sql injection

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-41739

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-14731

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2 days ago10 views

CVE-2026-14731

CVE-2026-14731 affects the itsourcecode Hospital Management System 1.0. The vulnerability is in an unknown portion of the file /patientreport.php where manipulating the argument editid leads to SQL injection. It can be exploited remotely and, per the description, the exploit has been made publicl...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6
CVE
CVE
added 2 days ago9 views

CVE-2026-14730

The vulnerability CVE-2026-14730 affects itsourcecode Hospital Management System 1.0. Affected component: /patientprofile.php where manipulating the patientname parameter enables SQL injection. Exploitation is remote; an exploit is publicly available. According to the description, the impact is c...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Rows per page
Query Builder