16 matches found
EUVD-2021-32568
Malicious code in bioql PyPI...
EUVD-2021-30953
Malicious code in bioql PyPI...
CVE-2021-43630
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in addpatient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web...
CVE-2021-43631
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...
CVE-2022-33880
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...
Sql injection
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...
CVE-2022-33880
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...
CVE-2022-33880
Projectworlds Hospital Management System Mini-Project contains an SQL injection in hms-staff.php via the type parameter, affecting versions prior to 2018-06-17. The root cause is unsafely constructed SQL in that file, enabling data disclosure or unauthorized access as described in related advisor...
CVE-2021-44095
A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database...
Design/Logic Flaw
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via addpatient.php...
CVE-2021-45852
Projectworlds Hospital Management System v1.0 contains a privilege error allowing an unauthorized attacker to add patients without restriction via add_patient.php (and related add_ppatient.php in some references). The core issue is improper authorization for patient creation, enabling unlimited e...
CVE-2021-43631
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...
CVE-2021-43629
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in adminhome.php...
CVE-2021-43628
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...
Sql injection
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...
CVE-2021-43628
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...