19 matches found
CVE-2026-2154
A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...
CVE-2026-2154
A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...
CVE-2026-2154
A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...
CVE-2026-2154 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System Patient Registration registration.php cross site scripting
A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...
CVE-2026-2154
The CVE describes a cross-site scripting (XSS) vulnerability in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0, affecting the Patient Registration Module via /registration.php. The vulnerability stems from manipulating the First Name parameter, enabling remote expl...
EUVD-2026-5795
A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...
PT-2026-6982
A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...
EUVD-2021-22972
Malware in sbrugna...
Simple-Hospital-Management-System-in-Python-CodeAstro-Patients-Stored-XSS
It is an offensive tool for web application. This repository con...
CVE-2025-32794
OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting XSS vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation privileges to inject arbitrary JavaScript code into the system ...
CVE-2025-32794
OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting XSS vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation privileges to inject arbitrary JavaScript code into the system ...
CVE-2025-32794
OpenEMR CVE-2025-32794 is a stored XSS vulnerability in the patient registration flow (First/Last Name) that affects versions prior to 7.0.3.4. An authenticated user with patient creation privileges can inject JavaScript, which is executed when viewing the patient encounter under Orders → Procedu...
CVE-2025-32794 OpenEMR Stored XSS via Patient Name Field in Procedure Orders
OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting XSS vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation privileges to inject arbitrary JavaScript code into the system ...
PT-2025-22807 · Openemr · Openemr
Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 7.0.3.4 Description: A stored cross-site scripting XSS vulnerability allows any authenticated user with patient creation privileges to inject arbitrary JavaScript code into the system by entering malicious payloads i...
CVE-2021-36352
Stored cross-site scripting XSS vulnerability in Care2x Hospital Information Management 2.7 Alpha. The vulnerability has found POST requests in /modules/registrationadmission/patientregister.php page with "namemiddle", "addrstr", "station", "namemaiden", "name2", "name3" parameters...
CVE-2021-30039
Cross Site Scripting XSS in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php...
CVE-2024-11678
CodeAstro Hospital Management System 1.0 is affected by a cross-site scripting vulnerability in /backend/doc/his_doc_register_patient.php. The issue arises from manipulating the parameters pat_fname, pat_ailment, pat_lname, pat_age, pat_dob, pat_number, pat_phone, pat_type, and pat_addr, allowing...
CVE-2021-39416
Multiple Cross Site Scripting XSS vulnerabilities exists in Remote Clinic v2.0 in 1 patients/register-patient.php via the a Contact, b Email, c Weight, d Profession, e refcontact, f address, g gender, h age, and i serial parameters; in 2 patients/edit-patient.php via the a Contact, b Email, c...
Cross site scripting
Cross Site Scripting XSS in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php...