EUVD-2026-22271

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manageappointment.php...

CVE-2026-37601

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php. The CVE notes a database-query flaw exploitable via that PHP endpoint, but no specific impact, affected version ranges beyond v1.0, or concrete...

CVE-2023-4440

A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been classified as critical. This affects an unknown part of the file appointment.php. The manipulation of the argument sheduledate leads to sql injection. It is possible to initiate the...

CVE-2025-11614

SourceCodester Best Salon Management System 1.0 is affected by an SQL injection in /panel/edit-appointment.php via the editid parameter. The issue is exploitable remotely and is supported by publicly available exploits; multiple sources confirm impact on confidentiality, integrity, and availabili...

CVE-2025-11505 PHPGurukul Beauty Parlour Management System new-appointment.php sql injection

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...

CVE-2025-11505 PHPGurukul Beauty Parlour Management System new-appointment.php sql injection

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...

EUVD-2025-26656

Malicious code in bioql PyPI...

EUVD-2025-25010

Malicious code in bioql PyPI...

CVE-2025-10825

A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. Affected is an unknown function of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit is publicly available...

CVE-2025-10825

CVE-2025-10825 affects Campcodes Online Beauty Parlor Management System 1.0. The vulnerability occurs in the file /admin/view-appointment.php via manipulation of the viewid parameter, leading to SQL injection. Exploitation can be carried out remotely, and public PoCs are referenced across sources...

CVE-2025-9024

A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /book-appointment.php. The manipulation of the argument Message leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-9024

CVE-2025-9024 affects PHPGurukul Beauty Parlour Management System v1.1, specifically the /book-appointment.php file. The vulnerability is an SQL injection in the Message parameter, exploitable remotely with a disclosed exploit. Multiple sources confirm impact to the database (data exposure/altera...

CVE-2025-9024 PHPGurukul Beauty Parlour Management System book-appointment.php sql injection

A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /book-appointment.php. The manipulation of the argument Message leads to sql injection. The attack can be launched remotely. The exploit has been...

PT-2025-33469 · Phpgurukul · Phpgurukul Beauty Parlour Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A SQL injection issue exists in PHPGurukul Beauty Parlour Management System 1.1, specifically within the /book-appointment.php file. The Message parameter is susceptible to...

CVE-2025-4816

A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible to...

PT-2025-15062 · Unknown · Phpgurukul Men Salon Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Men Salon Management System version 1.0 Description: A critical issue was found in the PHPGurukul Men Salon Management System, affecting some unknown functionality of the file /appointment.php. The manipulation of the Name argument...

PT-2024-17157 · Unknown · 1000 Projects Beauty Parlour Management System

Name of the Vulnerable Software and Affected Versions: 1000 Projects Beauty Parlour Management System version 1.0 Description: A critical issue has been found in the 1000 Projects Beauty Parlour Management System. The problem affects the file /admin/search-appointment.php and is related to the...

Vulnerability of the /patient/appointment.php file in the small medical institution management system SourceCodester Free Hospital Management System for Small Practices. This vulnerability allows an attacker to execute arbitrary SQL queries against the database.

The vulnerability of the /patient/appointment.php file in the small medical institution management system SourceCodester Free Hospital Management System for Small Practices is related to the lack of protective measures for the SQL query structure. Exploitation of this vulnerability allows an...

CVE-2023-4441

A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /patient/appointment.php. The manipulation of the argument sheduledate leads to sql injection. The attack can ...

CVE-2023-4440

A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been classified as critical. This affects an unknown part of the file appointment.php. The manipulation of the argument sheduledate leads to sql injection. It is possible to initiate the...