CVE-2026-8785 projectworlds hospital-management-system-in-php GET Parameter update_info.php getAllPatientDetail sql injection

A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file updateinfo.php of the component GET Parameter Handler. Executing a manipulation of the argument appointmentno can lead to sql injection. The...

Projectworlds Hospital Management System 注入漏洞

Projectworlds Hospital Management System is a hospital management system developed by the Austrian company Projectworlds. Version 1.0 of the Projectworlds Hospital Management System has a SQL injection vulnerability. This vulnerability arises from the function getAllPatientDetail in the GET...

EUVD-2021-30953

Malicious code in bioql PyPI...

EUVD-2021-32568

Malicious code in bioql PyPI...

CVE-2021-43630

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in addpatient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web...

CVE-2021-43631

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...

Projectworlds Hospital Database Management System 注入漏洞

Projectworlds Hospital Database Management System is a hospital database management system from Projectworlds India. An injection vulnerability exists in Projectworlds Hospital Database Management System version 1.0, which stems from improper handling of the parameter MedID in the file...

CVE-2022-33880

hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...

Sql injection

hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...

CVE-2022-33880

Projectworlds Hospital Management System Mini-Project contains an SQL injection in hms-staff.php via the type parameter, affecting versions prior to 2018-06-17. The root cause is unsafely constructed SQL in that file, enabling data disclosure or unauthorized access as described in related advisor...

CVE-2022-33880

hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...

CVE-2021-44095

A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database...

Design/Logic Flaw

An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via addpatient.php...

CVE-2021-45852

Projectworlds Hospital Management System v1.0 contains a privilege error allowing an unauthorized attacker to add patients without restriction via add_patient.php (and related add_ppatient.php in some references). The core issue is improper authorization for patient creation, enabling unlimited e...

Projectworlds Hospital Management System 安全漏洞

Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. Projectworlds Hospital Management System version 1.0 is vulnerable to a privilege error that could be exploited by an unauthorized attacker to add unlimited patients via addppatient.php...

CVE-2021-43629

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in adminhome.php...

CVE-2021-43631

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...

CVE-2021-43628

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...

CVE-2021-43631

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...

Sql injection

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...