Lucene search
+L

6 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-34176

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.0041EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/02/28 7:34 a.m.6 views

CVE-2025-1572 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.7 - Authenticated (Doctor+) SQL Injection via 'u_id' Parameter

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the ‘uid’ parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

6.5CVSS6.5AI score0.00486EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2024/12/06 11:9 a.m.9 views

CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...

6.5CVSS7.3AI score0.00571EPSS
Exploits0References2
cvelist
cvelist
added 2024/12/06 11:9 a.m.19 views

CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...

6.5CVSS0.00571EPSS
Exploits0References2
cvelist
cvelist
added 2024/12/06 11:9 a.m.30 views

CVE-2024-11730 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Doctor/Receptionist+) SQL Injection

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'sort' parameter of the staticdatalist AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS0.0041EPSS
Exploits0References2
cve
cve
added 2024/12/06 9:22 a.m.108 views

CVE-2024-11728

CVE-2024-11728 concerns the WordPress plugin KiviCare – Clinic & Patient Management System (EHR) , affected up to version 3.6.4 . The vulnerability is an unauthenticated SQL Injection via the parameter visit_type[service_id] in the tax_calculated_data AJAX action, caused by insufficient escaping ...

7.5CVSS7.7AI score0.13515EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder