CVE-2025-63514

kishan0725 Hospital Management System has a Cross-Site Scripting XSS vulnerability in appsearch.php via the email parameter...

CVE-2025-63514

kishan0725 Hospital Management System has a Cross-Site Scripting XSS vulnerability in appsearch.php via the email parameter...

Hospital Management System 安全漏洞

Hospital Management System is a hospital management software by the individual developer Pon Aravind Boominathan. A security vulnerability exists in Hospital Management System that stems from improper handling of the email parameter in appsearch.php, which could lead to cross-site scripting...

CVE-2025-63514

The CVE-2025-63514 entry documents a Cross-Site Scripting (XSS) vulnerability in the kishan0725 Hospital Management System, specifically in the appsearch.php script, exploitable via the email parameter. The PT-2025-47369 report reiterates a user-controlled input in the email parameter leading to ...

CVE-2025-63514

kishan0725 Hospital Management System has a Cross-Site Scripting XSS vulnerability in appsearch.php via the email parameter...

Hospital Management System 安全漏洞

Hospital Management System is a hospital management system by Kishan Lal, an individual developer. A security vulnerability exists in Hospital Management System version v4, which originates from a SQL injection due to incorrect manipulation of the parameter appcontact in the file appsearch.php...

Hospital Management System SQL Injection Vulnerability

Hospital Management System HMS is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. Hospital Management System has a SQL injection vulnerability that stems from the discovery of a contained SQL injection vulnerability...

Elastic: CSRF in AppSearch allows creation of "curations"

Summary Hello team! The curations creation for AppSearch engines can happen on a GET request which means there's no CSRF protection. Steps to reproduce 1. In one tab visit this page on my Elastic Cloud instance:...