Lucene search
+L

41 matches found

cnnvd
cnnvd
added 2025/12/11 12:0 a.m.6 views

Edoc-doctor-appointment-system 安全漏洞

Edoc-doctor-appointment-system is a simple web project for e-channels by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version 1.0.1, which stems from an unfiltered title parameter in admin/add-session.php, which could lead to a cross-site...

8.8CVSS6.1AI score0.00494EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2025/12/11 12:0 a.m.3 views

CVE-2025-66918

edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting XSS in admin/add-session.php via the "title" parameter...

5.8AI score0.00494EPSS
Exploits1References2
cve
cve
added 2025/12/11 12:0 a.m.14 views

CVE-2025-66918

The CVE-2025-66918 entry concerns edoc-doctor-appointment-system v1.0.1 with a Cross Site Scripting (XSS) flaw in admin/add-session.php via the title parameter. The vulnerability is triggered by unsanitized user input in the title field, enabling script injection. Documents consistently describe ...

8.8CVSS5.8AI score0.00494EPSS
Exploits1References2Affected Software1
cve
cve
added 2025/12/02 12:0 a.m.13 views

CVE-2025-65358

Edoc-doctor-appointment-system v1.0.1 contains an SQL injection via the docid parameter in /admin/appointment.php. The root cause is unsanitized user input enabling attackers to manipulate queries, resulting in a CRITICAL impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Documented in multi...

9.8CVSS7.3AI score0.00357EPSS
Exploits1References2Affected Software1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39251

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00988EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-39253

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00427EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39252

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00988EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39250

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00988EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39249

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00616EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 1:11 a.m.11 views

CVE-2022-36547

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a reflected cross-site scripting XSS vulnerability at /patient/index.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field...

6.1CVSS6.1AI score0.0054EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 11:17 p.m.7 views

CVE-2022-36546

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery CSRF via /patient/settings.php...

8.8CVSS7.6AI score0.00427EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 11:17 p.m.9 views

CVE-2022-36545

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php...

9.8CVSS8.3AI score0.00988EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 11:12 p.m.9 views

CVE-2022-36542

An access control issue in the component /ip/admin/ of Edoc-doctor-appointment-system v1.0.1 allows attackers to arbitrarily edit, read, and delete Administrator data...

6.5CVSS6.9AI score0.00616EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 11:12 p.m.9 views

CVE-2022-36544

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/booking.php...

9.8CVSS8.3AI score0.00988EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 10:11 p.m.9 views

CVE-2022-36543

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/doctors.php...

9.8CVSS8.3AI score0.00988EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 9:53 p.m.10 views

CVE-2022-36548

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field...

5.4CVSS5.9AI score0.00499EPSS
Exploits1References1
nvd
nvd
added 2022/08/26 9:15 p.m.20 views

CVE-2022-36544

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/booking.php...

9.8CVSS0.00988EPSS
Exploits1References2
nvd
nvd
added 2022/08/26 9:15 p.m.17 views

CVE-2022-36548

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field...

5.4CVSS0.00499EPSS
Exploits1References2
nvd
nvd
added 2022/08/26 9:15 p.m.23 views

CVE-2022-36546

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery CSRF via /patient/settings.php...

8.8CVSS0.00427EPSS
Exploits1References2
nvd
nvd
added 2022/08/26 9:15 p.m.19 views

CVE-2022-36545

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php...

9.8CVSS0.00988EPSS
Exploits1References2
Rows per page
Query Builder