12 matches found
CVE-2026-37598
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution RCE via /scheduler/classes/SystemSettings.php?f=updatesettings...
CVE-2026-37601
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manageappointment.php...
CVE-2026-37602
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manageuser.php...
EUVD-2026-22271
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manageappointment.php...
PT-2026-32640
CVE-2026-37600 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view details.php. https://t.co/uQ5V37C8xd...
CVE-2026-37601
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manageappointment.php...
PT-2026-32642
CVE-2026-37602 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manage user.php. https://t.co/KXDGr8fSPw...
CVE-2026-37601
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php. The CVE notes a database-query flaw exploitable via that PHP endpoint, but no specific impact, affected version ranges beyond v1.0, or concrete...
CVE-2026-37602
SourceCodester Patient Appointment Scheduler System v1.0 is affected by a SQL Injection in /scheduler/admin/user/manage_user.php. The CVE reports a low-severity issue (CVSS v3.1: 2.7, LOW) with NETWORK attack vector, HIGH privileges required, and no user interaction. Impact is limited to confiden...
PT-2026-32641
CVE-2026-37601 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage appointment.php. https://t.co/UmuQdNNj6l...
CVE-2026-37598
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution RCE via /scheduler/classes/SystemSettings.php?f=updatesettings...
CVE-2021-41660
SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php...