138 matches found
CVE-2022-36544
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/booking.php...
CVE-2022-36543
The affected software is Edoc-doctor-appointment-system v1.0.1. A SQL injection vulnerability exists in the endpoint /patient/doctors.php, exploitable via the id parameter. The Root Cause, as stated across sources, is an injection flaw in handling the id parameter, enabling potentially arbitrary ...
CVE-2022-36544
CVE-2022-36544 affects the Edoc-doctor-appointment-system v1.0.1, with a SQL injection vulnerability via the id parameter in /patient/booking.php. Root cause: improper handling of the id value leading to injection into SQL queries. Impact: high confidentiality, integrity, and availability impacts...
CVE-2022-36542
An access control issue in the component /ip/admin/ of Edoc-doctor-appointment-system v1.0.1 allows attackers to arbitrarily edit, read, and delete Administrator data...
CVE-2022-36542
Edoc-doctor-appointment-system v1.0.1 has an access control vulnerability in the /ip/admin/ component that allows attackers to arbitrarily edit, read, and delete Administrator data. The issue is described across multiple sources (NVD/Red Hat/PRION/etc.), with CVSS 3.1 characteristics indicating n...
Edoc-doctor-appointment-system SQL注入漏洞
Edoc-doctor-appointment-system is a simple web project for e-access by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from the discovery of a SQL injection vulnerability via the id parameter in /patient/settings.php...
PT-2022-23458 · Unknown · Edoc-Doctor-Appointment-System
Name of the Vulnerable Software and Affected Versions: Edoc-doctor-appointment-system version 1.0.1 Description: The Edoc-doctor-appointment-system contains a Cross-Site Request Forgery CSRF issue via the "/patient/settings.php" API endpoint. This allows for potentially malicious requests to be...
Edoc-doctor-appointment-system 跨站脚本漏洞
Edoc-doctor-appointment-system is a simple web project for e-access by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from a stored cross-site scripting vulnerability discovered via /patient/settings.php. An attacker...
PT-2022-23455
Name of the Vulnerable Software and Affected Versions Edoc-doctor-appointment-system version 1.0.1 Description The Edoc-doctor-appointment-system contains a SQL injection issue via the id parameter at the "/patient/doctors.php" API endpoint. Recommendations For Edoc-doctor-appointment-system...
PT-2022-23456 · Unknown · Edoc-Doctor-Appointment-System
Name of the Vulnerable Software and Affected Versions: Edoc-doctor-appointment-system version 1.0.1 Description: A SQL injection issue was found in the Edoc-doctor-appointment-system via the id parameter at the "/patient/booking.php" API endpoint. Recommendations: For Edoc-doctor-appointment-syst...
PT-2022-23460
Name of the Vulnerable Software and Affected Versions Edoc-doctor-appointment-system version 1.0.1 Description The issue is related to a stored cross-site scripting XSS vulnerability. This vulnerability is located at the "/patient/settings.php" API endpoint and allows attackers to execute arbitra...
PT-2022-23454
Name of the Vulnerable Software and Affected Versions Edoc-doctor-appointment-system version 1.0.1 Description An access control issue in the component /ip/admin/ allows attackers to arbitrarily edit, read, and delete Administrator data. Recommendations For Edoc-doctor-appointment-system version...
Edoc-doctor-appointment-system 跨站脚本漏洞
Edoc-doctor-appointment-system is a simple web project for e-access by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from the discovery of a reflected cross-site scripting vulnerability via /patient/index.php. An...
Edoc-doctor-appointment-system 跨站请求伪造漏洞
Edoc-doctor-appointment-system is a simple web project for e-access by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from a cross-site request forgery vulnerability discovered via /patient/settings.php...
Edoc-doctor-appointment-system SQL注入漏洞
Edoc-doctor-appointment-system is a simple web project for e-channels by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from the discovery of a SQL injection vulnerability via the id parameter in /patient/booking.php...
SQL Injection Vulnerability in the Frontend Po***.aspx Page of eDoc Electronic Document Library
Electronic document library eDoc is a click document management system developed by Anhui Qixing Studio. Electronic document library eDoc foreground Po.aspx page there is a SQL injection vulnerability, an attacker can use the vulnerability to obtain sensitive information in the database...
SQL Injection Vulnerability in the Frontend Pr***.ashx Page of eDoc, an Electronic Document Repository
Electronic document library eDoc is a click document management system developed by Anhui Qixing Studio. SQL injection vulnerability exists in the front-end Pr.ashx page of eDoc, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in eDoc Backend fo***.aspx Page
Electronic document library eDoc is a click document management system developed by Anhui Qixing Studio. Electronic document library eDoc background fo.aspx page SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...
SQL Injection Vulnerability in the Frontend Do***.aspx Page of eDoc Electronic Document Library
Electronic document library eDoc is a click document management system developed by Anhui Qixing Studio. Electronic document library eDoc front Do.aspx page SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...
SQL Injection Vulnerability in the Frontend Pi***.aspx Page of eDoc, an Electronic Document Library
Electronic document library eDoc is a click document management system developed by Anhui Qixing Studio. Electronic document library eDoc foreground Pi.aspx page there is a SQL injection vulnerability, an attacker can use the vulnerability to obtain sensitive information in the database...