41 matches found
CVE-2022-23365
HMS v1.0 was discovered to contain a SQL injection vulnerability via doctorlogin.php...
EUVD-2022-30073
Malicious code in bioql PyPI...
EUVD-2022-30162
Malicious code in bioql PyPI...
EUVD-2022-28443
Malicious code in bioql PyPI...
EUVD-2022-30161
Malicious code in bioql PyPI...
EUVD-2022-28445
Malicious code in bioql PyPI...
CVE-2022-25493
HMS v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via treatmentrecord.php...
CVE-2022-25493
HMS v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via treatmentrecord.php...
CVE-2022-25492
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php...
CVE-2022-25491
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php...
CVE-2022-25490
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php...
Sql injection
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php...
Sql injection
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php...
Sql injection
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php...
Cross site scripting
HMS v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via treatmentrecord.php...
CVE-2022-25490
HMS v1.0 contains a SQL injection flaw in the department.php editid parameter. The vulnerability is documented with CVSS v3.1 base score 9.8 (CRITICAL) and CVSS v2.0 base score 7.5 (HIGH), indicating network access, no authentication required, and potential high impact on confidentiality, integri...
CVE-2022-25490
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php...
CVE-2022-25491
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php...
CVE-2022-25491
CVE-2022-25491 affects HMS v1.0. A SQL injection vulnerability exists in the editid parameter of appointment.php. Root cause: unsafely handled input enabling arbitrary SQL execution. Exploitation details are not provided in the connected documents. CVSS‑3.1 base score 7.5 (HIGH) with Network atta...
CVE-2022-25492
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php...