19 matches found
CVE-2026-6006 code-projects Patient Record Management System edit_hpatient.php sql injection
A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2025-41003
Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...
CVE-2025-41003
Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...
CVE-2025-41003
The CVE-2025-41003 entry concerns Imaster’s Patient Record Management System, where a stored XSS vulnerability exists in the endpoint /projects/hospital/admin/edit_patient.php. The issue is triggered by injecting a malicious script into the firstname parameter, whose payload is persisted and exec...
CVE-2025-41003 Multiple vulnerabilities in Imaster products Open configuration options
Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...
CVE-2025-41003 Multiple vulnerabilities in Imaster products Open configuration options
Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...
PT-2026-2262
Name of the Vulnerable Software and Affected Versions Imaster Patient Record Management System affected versions not specified Description The software contains a stored Cross-Site Scripting XSS issue in the /projects/hospital/admin/edit patient.php endpoint. An attacker can inject a malicious...
Imaster Patient Record Management System 跨站脚本漏洞
Imaster Patient Record Management System is a patient record management system by the individual developer Nzioka Victor. The Imaster Patient Record Management System suffers from a cross-site scripting vulnerability that stems from insufficient validation of the firstname parameter in the endpoi...
EUVD-2025-26338
Malicious code in bioql PyPI...
CVE-2025-9774
A vulnerability has been found in RemoteClinic up to 2.0. This issue affects some unknown processing of the file /patients/edit-patient.php. The manipulation of the argument Email leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-9774
CVE-2025-9774 affects RemoteClinic up to version 2.0. The vulnerability stems from how the application processes the file /patients/edit-patient.php, where manipulation of the Email argument can lead to information disclosure. The issue can be triggered remotely and the exploit has been disclosed...
CVE-2025-9774 RemoteClinic edit-patient.php information disclosure
A vulnerability has been found in RemoteClinic up to 2.0. This issue affects some unknown processing of the file /patients/edit-patient.php. The manipulation of the argument Email leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public a...
Saad Irfan RemoteClinic 安全漏洞
Saad Irfan RemoteClinic is an open source application from Saad Irfan. Provides the ability to remotely manage your clinic via the web. A security vulnerability exists in Saad Irfan RemoteClinic 2.0 and earlier versions, which stems from information disclosure due to incorrect manipulation of the...
PT-2025-35474
Name of the Vulnerable Software and Affected Versions: RemoteClinic versions up to 2.0 Description: A vulnerability exists in RemoteClinic that affects the processing of the file /patients/edit-patient.php. Manipulation of the Email argument leads to information disclosure. The attack can be...
CVE-2025-5584
A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been classified as problematic. Affected is an unknown function of the file /doctor/edit-patient.php?editid=2 of the component POST Parameter Handler. The manipulation of the argument patname leads to cross site...
PHPGurukul Hospital Management System 代码注入漏洞
Hospital Management System a PHP and MySQL based hospital management system. Hospital Management System has a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the parameter patname in the file /doctor/edit-patient.php,...
PHPGurukul Hospital Management System 安全漏洞
PHPGurukul Hospital Management System is an open source PHP and MySQL based hospital management system from PHPGurukul. A security vulnerability exists in PHPGurukul Hospital Management System version 4.0, which originates from a cross-site scripting attack via the patname, pataddress, and medhis...
PT-2024-31928 · Unknown · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: The issue concerns Cross Site Scripting XSS in the PHPGurukul Hospital Management System. This occurs via the patname, pataddress, and medhis parameters in the...
CVE-2021-39416
Multiple Cross Site Scripting XSS vulnerabilities exists in Remote Clinic v2.0 in 1 patients/register-patient.php via the a Contact, b Email, c Weight, d Profession, e refcontact, f address, g gender, h age, and i serial parameters; in 2 patients/edit-patient.php via the a Contact, b Email, c...