Lucene search
+L

112 matches found

Vulnrichment
Vulnrichment
added 2026/02/08 11:32 a.m.3 views

CVE-2026-2150 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System checkin.php cross site scripting

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /checkin.php. This manipulation of the argument patientid causes cross site scripting. The attack can be initiated remotely. Th...

5.3CVSS3.7AI score0.00352EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/08 11:32 a.m.7 views

CVE-2026-2150

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /checkin.php. This manipulation of the argument patientid causes cross site scripting. The attack can be initiated remotely. Th...

5.3CVSS3.8AI score0.00352EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/08 11:32 a.m.41 views

CVE-2026-2150 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System checkin.php cross site scripting

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /checkin.php. This manipulation of the argument patientid causes cross site scripting. The attack can be initiated remotely. Th...

5.3CVSS0.00352EPSS
Exploits1References4
CVE
CVE
added 2026/02/08 11:32 a.m.19 views

CVE-2026-2150

CVE-2026-2150 affects SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System v1.0. The vulnerability is a cross-site scripting flaw in the /checkin.php file where manipulating the patient_id argument enables XSS. The issue can be triggered remotely and an exploit has been publ...

6.1CVSS3.8AI score0.00352EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.7 views

SourceCodester Patients Waiting Area Queue Management System 代码注入漏洞

The SourceCodester Patients Waiting Area Queue Management System is an open-source system developed by SourceCodester for managing patient waiting queues. Version 1.0 of the SourceCodester Patients Waiting Area Queue Management System contains a code injection vulnerability. This vulnerability...

6.1CVSS5.7AI score0.00352EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.8 views

PT-2026-6977

Name of the Vulnerable Software and Affected Versions SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System version 1.0 Description A flaw exists in the Patients Waiting Area Queue Management System that allows for cross site scripting. This manipulation occurs through the...

5.3CVSS4AI score0.00352EPSS
Exploits1References6
EUVD
EUVD
added 2025/11/13 6:2 p.m.5 views

EUVD-2025-175342

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...

7.5CVSS7.3AI score0.00427EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/13 6:2 p.m.5 views

CVE-2025-13122 SourceCodester Patients Waiting Area Queue Management System api_patient_checkin.php getPatientAppointment sql injection

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...

7.5CVSS7.3AI score0.00427EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/13 6:2 p.m.17 views

CVE-2025-13122 SourceCodester Patients Waiting Area Queue Management System api_patient_checkin.php getPatientAppointment sql injection

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...

7.5CVSS0.00427EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-50527

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00924EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-50525

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01148EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-50526

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01072EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/08/30 6:16 p.m.5 views

CVE-2024-8860

The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tforderstatusemailresendfunction, tfvisitordetailseditfunction, tfcheckinoutdetailseditfunction, tforderstatuseditfunction, tforderbulkactioneditfunction,...

4.3CVSS5.1AI score0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/26 7:6 a.m.3 views

CVE-2024-8860 Tourfic <= 2.14.5 - Missing Authorization in Multiple Functions

The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tforderstatusemailresendfunction, tfvisitordetailseditfunction, tfcheckinoutdetailseditfunction, tforderstatuseditfunction, tforderbulkactioneditfunction,...

4.3CVSS6.7AI score0.0023EPSS
Exploits0References2
CVE
CVE
added 2025/08/26 7:6 a.m.15 views

CVE-2024-8860

The CVE-2024-8860 case concerns the WordPress Tourfic plugin (versions up to and including 2.14.5). The vulnerability arises from missing capability checks in multiple functions (tf_order_status_email_resend_function, tf_visitor_details_edit_function, tf_checkinout_details_edit_function, tf_order...

4.3CVSS6.2AI score0.0023EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalog
added 2025/07/22 12:0 a.m.10 views

SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability

SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives...

9.3CVSS9.5AI score0.5461EPSS
In wildExploits1
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.7 views

The vulnerability in the GetMdmMessage class of SysAid software allows attackers to perform XXE attacks.

The vulnerability in the GetMdmMessage class of SysAid support and control software relates to incorrect restrictions on XML links to external objects during the processing of the /mdm/checkin endpoint. Exploiting this vulnerability allows a remote attacker to perform XXE attacks...

9.3CVSS8.1AI score0.5461EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:17 a.m.9 views

CVE-2024-30924

Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component...

4.6CVSS7.3AI score0.00341EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:27 a.m.9 views

CVE-2022-47770

Serenissima Informatica Fast Checkin version v1.0 is vulnerable to Unauthenticated SQL Injection...

9.8CVSS7.5AI score0.00924EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:27 a.m.11 views

CVE-2022-47768

Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal...

7.5CVSS6.9AI score0.01148EPSS
Exploits1
Rows per page
Query Builder