16 matches found
EUVD-2021-32568
Malicious code in bioql PyPI...
EUVD-2021-30953
Malicious code in bioql PyPI...
CVE-2021-43630
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in addpatient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web...
CVE-2021-43631
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...
CVE-2022-33880
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...
Sql injection
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...
CVE-2022-33880
Projectworlds Hospital Management System Mini-Project contains an SQL injection in hms-staff.php via the type parameter, affecting versions prior to 2018-06-17. The root cause is unsafely constructed SQL in that file, enabling data disclosure or unauthorized access as described in related advisor...
CVE-2022-33880
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...
CVE-2021-44095
A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database...
Design/Logic Flaw
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via addpatient.php...
CVE-2021-45852
Projectworlds Hospital Management System v1.0 contains a privilege error allowing an unauthorized attacker to add patients without restriction via add_patient.php (and related add_ppatient.php in some references). The core issue is improper authorization for patient creation, enabling unlimited e...
CVE-2021-43631
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...
CVE-2021-43628
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...
CVE-2021-43629
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in adminhome.php...
Sql injection
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...
CVE-2021-43628
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...