6 matches found
EUVD-2024-34176
Malicious code in bioql PyPI...
CVE-2025-1572 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.7 - Authenticated (Doctor+) SQL Injection via 'u_id' Parameter
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the ‘uid’ parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...
CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...
CVE-2024-11730 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Doctor/Receptionist+) SQL Injection
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'sort' parameter of the staticdatalist AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2024-11728
CVE-2024-11728 concerns the WordPress plugin KiviCare – Clinic & Patient Management System (EHR) , affected up to version 3.6.4 . The vulnerability is an unauthenticated SQL Injection via the parameter visit_type[service_id] in the tax_calculated_data AJAX action, caused by insufficient escaping ...