9 matches found
CVE-2025-56212
Summary: CVE-2025-56212 affects phpgurukul Hospital Management System 4.0. The vulnerability is an SQL Injection in the add-doctor.php file through the docname parameter caused by insufficient input validation. The CVSS 3.1 metrics indicate a critical impact (base score 9.8) with attacker’s acces...
CVE-2025-5758
A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argument doctorname leads to sql injection. It is possible to initiate the attack remotely. The exploit h...
CVE-2025-5758 SourceCodester Open Source Clinic Management System doctor.php sql injection
A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argument doctorname leads to sql injection. It is possible to initiate the attack remotely. The exploit h...
SourceCodester Open Source Clinic Management System 注入漏洞
SourceCodester Open Source Clinic Management System is an open source clinic management system from SourceCodester. An injection vulnerability exists in SourceCodester Open Source Clinic Management System version 1.0, which is caused by an incorrect manipulation of the doctorname parameter in the...
CVE-2024-10350 code-projects Hospital Management System add-doctor.php sql injection
A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulation of the argument docname leads to sql injection. The attack can be initiated remotely. The exploi...
CVE-2024-10350 code-projects Hospital Management System add-doctor.php sql injection
A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulation of the argument docname leads to sql injection. The attack can be initiated remotely. The exploi...
CVE-2024-46238
Multiple Cross Site Scripting XSS vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /admin/add-doctor.php and /admin/edit-doctor.php...
Sql injection
In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks...
CVE-2022-30516
The connected sources confirm a SQL injection vulnerability in Hospital-Management-System v1.0, specifically in the editid parameter of doctor.php. The root cause is missing SQL filtering/escaping for editid, enabling attackers to manipulate queries. CVSS data indicates a high-severity, network-e...