CVE-2026-6006

A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

EUVD-2026-21297

A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2026-6006

A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

EUVD-2026-20930

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

CVE-2026-5960

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

PT-2026-31636

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

CVE-2026-2706

A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

CVE-2026-2706 code-projects Patient Record Management System fecalysis_not.php sql injection

A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

CVE-2026-2706

CVE-2026-2706 affects code-projects Patient Record Management System 1.0. The vulnerability is in the file fecalysis_not.php (and variants listed as fecalysis not.php) where improper handling of the comp_id parameter leads to SQL injection. The issue is exploitable remotely and, per sources, the ...

CVE-2025-41003

Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...

CVE-2025-41003

The CVE-2025-41003 entry concerns Imaster’s Patient Record Management System, where a stored XSS vulnerability exists in the endpoint /projects/hospital/admin/edit_patient.php. The issue is triggered by injecting a malicious script into the firstname parameter, whose payload is persisted and exec...

EUVD-2025-17061

Malicious code in bioql PyPI...

Patient Record Management System xray_form.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from improper handling of the parameter itrno in the file /xrayform.php, which can be exploited by an attacker to bypass authenticati...

Code-Projects Patient Record Management System 注入漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from improper handling of the parameter itrno in the file /xrayform.php, which can be exploited by an attacker to bypass authenticati...

CVE-2025-7147

A vulnerability has been found in CodeAstro Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The...

CodeAstro Patient Record Management System 注入漏洞

CodeAstro Patient Record Management System is a patient record management system from CodeAstro. An injection vulnerability exists in CodeAstro Patient Record Management System version 1.0, which results from SQL injection due to incorrect manipulation of the parameter uname in the file /login.ph...

CVE-2025-6452

A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient Name/Name leads to cross site scripting. The attack may be...

CVE-2025-5857

A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysisrecord.php. The manipulation of the argument itrno leads to sql injection. The attack may be initiated remotely. The exploi...

Code-Projects Patient Record Management System 注入漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from improper handling of the parameter itrno in the /urinalysisrecord.php file. The vulnerability can be exploited by an attacker to...

CVE-2025-5779

A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /birthing.php. The manipulation of the argument itrno/compid leads to sql injection. The attack can be launched...