EUVD-2026-32187

Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...

PT-2026-38225

Name of the Vulnerable Software and Affected Versions PicoTronica e-Clinic Healthcare System ECHS version 5.7 Description An issue in the Response Header Handler component within the file '/cdemos/echs/api/v2/' allows for remote information disclosure. Recommendations Upgrade to version 5.7.1...

CVE-2026-25022

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Blind SQL Injection.This issue affects KiviCare: from n/a through = 3.6.16...

CVE-2025-13267

A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Performing manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit is now...

CVE-2025-13267

A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Performing manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit is now...

EUVD-2025-197768

A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Performing manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit is now...

PT-2025-47127

Name of the Vulnerable Software and Affected Versions SourceCodester Dental Clinic Appointment Reservation System version 1.0 Description A flaw exists in SourceCodester Dental Clinic Appointment Reservation System that allows for remote SQL injection. Manipulation of the username/password...

CVE-2025-10620

The CVE-2025-10620 entry concerns itsourcecode Online Clinic Management System 1.0. It identifies an SQL injection vulnerability in unknown code within the file /editp2.php, caused by manipulating parameters id, firstname, lastname, type, age, or address. The vulnerability can be exploited remote...

CVE-2025-10618

A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has...

CVE-2025-10618 itsourcecode Online Clinic Management System transact.php sql injection

A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has...

PT-2025-38277

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Clinic Management System version 1.0 Description: A security issue exists in itsourcecode Online Clinic Management System 1.0 related to the transact.php file. Manipulation of the firstname parameter can lead to SQL...

PT-2025-38280

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Clinic Management System version 1.0 Description: A flaw has been found in the itsourcecode Online Clinic Management System. The vulnerability affects unknown code within the /editp2.php file. Manipulation of the id,...

CGM CLININET 代码注入漏洞

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from the uhcPrintServerPrint function failing to properly filter special elements of the constructed code segment. An attacker could exploit this...

CVE-2025-5716

A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

CVE-2023-1036

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /APR/signup.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross...

CVE-2023-1037

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /APR/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql...

PT-2024-32987 · Sourcecodester · Sourcecodester Open Source Clinic Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Open Source Clinic Management System version 1.0 Description: A critical issue has been found in the SourceCodester Open Source Clinic Management System, affecting an unknown functionality of the file setting.php. The...

CVE-2023-6425

A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/medicalrecordsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacki...

CVE-2023-6425

A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/medicalrecordsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacki...

CVE-2023-6423

A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/eventsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user ...