CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/12/12 1:6 a.m.•2 views

CVE-2025-66918

edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting XSS in admin/add-session.php via the "title" parameter...

8.8CVSS6.3AI score0.00127EPSS

Exploits1References1

OSV•added 2025/12/11 6:16 p.m.•2 views

CVE-2025-66918

edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting XSS in admin/add-session.php via the "title" parameter...

8.8CVSS5.8AI score0.00127EPSS

Exploits1References2

CNNVD•added 2025/12/11 12:0 a.m.•3 views

Edoc-doctor-appointment-system 安全漏洞

Edoc-doctor-appointment-system is a simple web project for e-channels by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version 1.0.1, which stems from an unfiltered title parameter in admin/add-session.php, which could lead to a cross-site...

8.8CVSS6.1AI score0.00127EPSS

Exploits1References2

Positive Technologies•added 2025/12/11 12:0 a.m.•4 views

PT-2025-50648

Name of the Vulnerable Software and Affected Versions edoc-doctor-appointment-system version 1.0.1 Description The edoc-doctor-appointment-system software is affected by a Cross Site Scripting XSS issue. This issue occurs in the 'admin/add-session.php' component through the title parameter...

8.8CVSS6.2AI score0.00127EPSS

Exploits1References5

CVE•added 2025/12/11 12:0 a.m.•7 views

CVE-2025-66918

The CVE-2025-66918 entry concerns edoc-doctor-appointment-system v1.0.1 with a Cross Site Scripting (XSS) flaw in admin/add-session.php via the title parameter. The vulnerability is triggered by unsanitized user input in the title field, enabling script injection. Documents consistently describe ...

8.8CVSS5.8AI score0.00127EPSS

Exploits1References2Affected Software1