24 matches found
Hospital Management System 1.0 - Cross-Site Scripting
Hospital Management System 1.0 contains a cross-site scripting vulnerability via the searchdata parameter in doctor/search.php and patient-search.php. id: CVE-2021-39411 info: name: Hospital Management System 1.0 - Cross-Site Scripting author: arafatansari severity: high description: | Hospital...
EUVD-2018-18402
Malware in sbrugna...
EUVD-2017-8769
Malware in sbrugna...
CVE-2023-41532
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the doctorcontact parameter in doctorsearch.php...
CVE-2025-6570
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched...
CVE-2025-6408
A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The explo...
CampCodes Online Hospital Management System 注入漏洞
CampCodes Online Hospital Management System is an online hospital management system from CampCodes, Inc. An injection vulnerability exists in CampCodes Online Hospital Management System version 1.0, which originates from a SQL injection due to a misbehavior of the searchdata parameter in the file...
PT-2024-16565 · Unknown · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: A vulnerability was found in the PHPGurukul Hospital Management System, affecting some unknown processing of the file hms/doctor/search.php. The manipulation of the argument...
CVE-2021-39411
Multiple Cross Site Scripting XSS vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the 1 searchdata parameter in a doctor/search.php and b admin/patient-search.php, and the 2 fromdate and 3 todate parameters in admin/betweendates-detailsreports.php...
PT-2021-22580 · Unknown · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: Multiple Cross Site Scripting XSS vulnerabilities exist in the system. The issue is related to the searchdata parameter in "/doctor/search.php" and "/admin/patient-search.php" API...
PHPGurukul Hospital Management System 跨站脚本漏洞
PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. PHPGurukul Hospital Management System 4.0 has a security vulnerability that can be exploited by an attacker to conduct xss attacks using multiple parameters. The parameters that can be exploited are 1...
Design/Logic Flaw
PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/patient-search.php, doctor/search.php, book-appointment.php, doctor/appointment-history.php, or admin/appointment-history.php...
PT-2020-16054 · Phpgurukul · Phpgurukul Hospital-Management-System-In-Php
Name of the Vulnerable Software and Affected Versions: PHPGurukul hospital-management-system-in-php version 4.0 Description: The issue allows for XSS attacks via several endpoints, including "admin/patient-search.php", "doctor/search.php", "book-appointment.php", "doctor/appointment-history.php",...
PHP Scripts Mall Doctor Search Script Cross-Site Scripting Vulnerability
PHP Scripts Mall Doctor Search Script is a PHP based online doctor search website script by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Doctor Search Script version 1.0.2. A remote attacker can exploit this vulnerability to inject arbitrary web script o...
Cross site scripting
PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbitrary profile field...
CVE-2018-6655
PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbitrary profile field...
CVE-2018-6655
PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbitrary profile field...
CVE-2018-6655
The CVE-2018-6655 entry affects PHP Scripts Mall Doctor Search Script 1.0.2, describing a Stored Cross-Site Scripting vulnerability via an arbitrary profile field. Public artifacts (exploit-db, 0day, CNVD/NVD mirrors) corroborate that an attacker could inject arbitrary script/HTML through profile...
PHP Scripts Mall Doctor Search Script SQL Injection Vulnerability
PHP Scripts Mall Doctor Search Script is a PHP based online doctor search website script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Doctor Search Script version 1.0. The vulnerability can be exploited by a remote attacker to inject SQL commands by sending...
CVE-2017-17611
Doctor Search Script 1.0 has SQL Injection via the /list city parameter...