CVE-2025-70062

PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...

CVE-2025-70062

PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...

CVE-2025-70062

PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...

PHPGurukul Hospital Management System 安全漏洞

PHPGurukul Hospital Management System is a hospital management system developed by PHPGurukul company, based on PHP and MySQL. The PHPGurukul Hospital Management System v4.0 version has a security vulnerability. This vulnerability stems from the lack of cross-site request forgery token verificati...

CVE-2025-70062

CVE-2025-70062 affects PHPGurukul Hospital Management System v4.0. A CSRF vulnerability exists in the Add Doctor module where the add-doctor.php endpoint does not enforce CSRF token validation. This allows an attacker to cause an authenticated administrator to visit a crafted page, potentially cr...

PT-2026-20481

PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...

CVE-2025-70062

PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...

CVE-2025-56212

phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter...

PHPGurukul Hospital Management System 安全漏洞

Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the docname parameter of add-doctor.php. No details of the...

CVE-2025-5363

A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /doctor/index.php. The manipulation of the argument Username leads to sql injection. The attack can be launched...

Code-Projects E-Health Care System 注入漏洞

Code-Projects E-Health Care System is an e-health care system from Code-Projects open source. An injection vulnerability exists in Code-Projects E-Health Care System version 1.0, which stems from the parameter id of the file /Doctor/deleteuserappointmentrequest.php that can lead to SQL injection...

PT-2024-16670 · Code Projects · Code-Projects E-Health Care System

Name of the Vulnerable Software and Affected Versions: code-projects E-Health Care System version 1.0 Description: A critical issue was discovered in the system, affecting an unknown function of the file /Doctor/delete user appointment request.php. The manipulation of the id argument leads to SQL...

CVE-2024-10350

A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulation of the argument docname leads to sql injection. The attack can be initiated remotely. The exploi...

Hospital Management System 4.0 Cross Site Scripting

Exploit Title: Hospital Management System 4.0 Stored Cross-Site Scripting Vulnerability Date: 2020-01-20 Exploit Author: Priyanka Samak Vendor Homepage: https://phpgurukul.com/ Software Link : https://phpgurukul.com/hospital-management-system-in-php/ Software : Hospital Management System Version ...