9 matches found
CVE-2025-70062
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
CVE-2025-70062
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
PT-2026-20481
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
CVE-2025-70062
CVE-2025-70062 affects PHPGurukul Hospital Management System v4.0. A CSRF vulnerability exists in the Add Doctor module where the add-doctor.php endpoint does not enforce CSRF token validation. This allows an attacker to cause an authenticated administrator to visit a crafted page, potentially cr...
EUVD-2025-28420
Malicious code in bioql PyPI...
CVE-2025-56212
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter...
PT-2023-28106 · Sourcecodester · Sourcecodester Free Hospital Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Free Hospital Management System for Small Practices version 1.0 Description: A critical issue has been found in the SourceCodester Free Hospital Management System for Small Practices, affecting some unknown functionality of the...
CVE-2022-32348
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=deletedoctor...
CVE-2022-32339
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/viewdoctor.php?id=...