EUVD-2025-48943

The patient prescription viewing functionality in hisdocviewsinglepatient.php of rickxy Hospital Management System version 1.0 contains an SQL injection vulnerability. The patnumber GET parameter is directly concatenated into SQL queries without proper sanitization, allowing authenticated attacke...

CVE-2025-63497

The CVE-2025-63497 entry concerns rickxy Hospital Management System v1.0, where the patient prescription viewing function his_doc_view_single_patient.php concatenates the GET parameter pat_number directly into SQL queries. This root cause enables SQL injection, allowing an authenticated doctor to...

CVE-2025-63497

The patient prescription viewing functionality in hisdocviewsinglepatient.php of rickxy Hospital Management System version 1.0 contains an SQL injection vulnerability. The patnumber GET parameter is directly concatenated into SQL queries without proper sanitization, allowing authenticated attacke...

CVE-2022-46499

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...

CVE-2022-46497

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...

CVE-2022-46499

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...

CVE-2022-46497

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...

Sql injection

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...

Sql injection

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...

CVE-2022-46497

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...

CVE-2022-46497

CVE-2022-46497 affects Hospital Management System 1.0. The vulnerability is a SQL injection in the pat_number parameter of the his_doc_view_single_patien.php endpoint. According to the metadata, the CVSS v3.1 base score is 8.1 (HIGH) with Network attack vector, low attack complexity, privileges r...

CVE-2022-46497

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...

CVE-2022-46499

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...

CVE-2022-46499

Hospital Management System 1.0 contains a SQL injection vulnerability in the pat_number parameter of his_admin_view_single_patient.php. Affected component is the web application’s single-patient admin view; root cause is improper handling of input leading to SQL injection. CVSSv3.1 base score is ...

Hospital Management System Security Vulnerability

The Hospital Management System HMS is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. A security vulnerability exists in Hospital Management System version 1.0 that stems from an SQL injection vulnerability contained...

CVE-2022-46499

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...