56 matches found
CVE-2026-9603 SourceCodester eDoc Doctor Appointment System delete-session.php authorization
A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-9603 SourceCodester eDoc Doctor Appointment System delete-session.php authorization
A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible. The exploit has...
EUVD-2026-32018
A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible. The exploit has...
CVE-2025-66918
edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting XSS in admin/add-session.php via the "title" parameter...
Edoc-doctor-appointment-system 安全漏洞
Edoc-doctor-appointment-system is a simple web project for e-channels by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version 1.0.1, which stems from an unfiltered title parameter in admin/add-session.php, which could lead to a cross-site...
CVE-2025-66918
edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting XSS in admin/add-session.php via the "title" parameter...
EUVD-2025-202753
edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting XSS in admin/add-session.php via the "title" parameter...
CVE-2025-66918
edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting XSS in admin/add-session.php via the "title" parameter...
CVE-2025-66918
The CVE-2025-66918 entry concerns edoc-doctor-appointment-system v1.0.1 with a Cross Site Scripting (XSS) flaw in admin/add-session.php via the title parameter. The vulnerability is triggered by unsanitized user input in the title field, enabling script injection. Documents consistently describe ...
CVE-2025-65358
Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php...
CVE-2025-65358
Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php...
CVE-2025-65358
Edoc-doctor-appointment-system v1.0.1 contains an SQL injection via the docid parameter in /admin/appointment.php. The root cause is unsanitized user input enabling attackers to manipulate queries, resulting in a CRITICAL impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Documented in multi...
EUVD-2022-39252
Malicious code in bioql PyPI...
EUVD-2022-39251
Malicious code in bioql PyPI...
EUVD-2022-39250
Malicious code in bioql PyPI...
EUVD-2022-39249
Malicious code in bioql PyPI...
EUVD-2022-39253
Malicious code in bioql PyPI...
CVE-2022-36547
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a reflected cross-site scripting XSS vulnerability at /patient/index.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field...
CVE-2022-36546
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery CSRF via /patient/settings.php...
CVE-2022-36545
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php...