4 matches found
CVE-2025-63497
The patient prescription viewing functionality in hisdocviewsinglepatient.php of rickxy Hospital Management System version 1.0 contains an SQL injection vulnerability. The patnumber GET parameter is directly concatenated into SQL queries without proper sanitization, allowing authenticated attacke...
PT-2025-46180
Name of the Vulnerable Software and Affected Versions: rickxy Hospital Management System version 1.0. Description: The patient prescription viewing functionality within the his doc view single patient.php component contains an SQL injection issue. The pat number GET parameter is directly incorporate...
CVE-2025-45805
In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject arbitrary JavaScript code into their profile name. This payload is subsequently rendered without proper sanitization when a user visits the website and selects the doctor to book an appointment...
CVE-2025-45805
In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject arbitrary JavaScript code into their profile name. This payload is subsequently rendered without proper sanitization when a user visits the website and selects the doctor to book an appointment...