112 matches found
CVE-2026-2150 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System checkin.php cross site scripting
A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /checkin.php. This manipulation of the argument patientid causes cross site scripting. The attack can be initiated remotely. Th...
CVE-2026-2150
A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /checkin.php. This manipulation of the argument patientid causes cross site scripting. The attack can be initiated remotely. Th...
CVE-2026-2150 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System checkin.php cross site scripting
A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /checkin.php. This manipulation of the argument patientid causes cross site scripting. The attack can be initiated remotely. Th...
CVE-2026-2150
CVE-2026-2150 affects SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System v1.0. The vulnerability is a cross-site scripting flaw in the /checkin.php file where manipulating the patient_id argument enables XSS. The issue can be triggered remotely and an exploit has been publ...
SourceCodester Patients Waiting Area Queue Management System 代码注入漏洞
The SourceCodester Patients Waiting Area Queue Management System is an open-source system developed by SourceCodester for managing patient waiting queues. Version 1.0 of the SourceCodester Patients Waiting Area Queue Management System contains a code injection vulnerability. This vulnerability...
PT-2026-6977
Name of the Vulnerable Software and Affected Versions SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System version 1.0 Description A flaw exists in the Patients Waiting Area Queue Management System that allows for cross site scripting. This manipulation occurs through the...
EUVD-2025-175342
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...
CVE-2025-13122 SourceCodester Patients Waiting Area Queue Management System api_patient_checkin.php getPatientAppointment sql injection
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...
CVE-2025-13122 SourceCodester Patients Waiting Area Queue Management System api_patient_checkin.php getPatientAppointment sql injection
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...
EUVD-2022-50527
Malicious code in bioql PyPI...
EUVD-2022-50525
Malicious code in bioql PyPI...
EUVD-2022-50526
Malicious code in bioql PyPI...
CVE-2024-8860
The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tforderstatusemailresendfunction, tfvisitordetailseditfunction, tfcheckinoutdetailseditfunction, tforderstatuseditfunction, tforderbulkactioneditfunction,...
CVE-2024-8860 Tourfic <= 2.14.5 - Missing Authorization in Multiple Functions
The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tforderstatusemailresendfunction, tfvisitordetailseditfunction, tfcheckinoutdetailseditfunction, tforderstatuseditfunction, tforderbulkactioneditfunction,...
CVE-2024-8860
The CVE-2024-8860 case concerns the WordPress Tourfic plugin (versions up to and including 2.14.5). The vulnerability arises from missing capability checks in multiple functions (tf_order_status_email_resend_function, tf_visitor_details_edit_function, tf_checkinout_details_edit_function, tf_order...
SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability
SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives...
The vulnerability in the GetMdmMessage class of SysAid software allows attackers to perform XXE attacks.
The vulnerability in the GetMdmMessage class of SysAid support and control software relates to incorrect restrictions on XML links to external objects during the processing of the /mdm/checkin endpoint. Exploiting this vulnerability allows a remote attacker to perform XXE attacks...
CVE-2024-30924
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component...
CVE-2022-47770
Serenissima Informatica Fast Checkin version v1.0 is vulnerable to Unauthenticated SQL Injection...
CVE-2022-47768
Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal...