14 matches found
CVE-2025-63497
The CVE-2025-63497 entry concerns rickxy Hospital Management System v1.0, where the patient prescription viewing function his_doc_view_single_patient.php concatenates the GET parameter pat_number directly into SQL queries. This root cause enables SQL injection, allowing an authenticated doctor to...
CVE-2025-63497
The patient prescription viewing functionality in hisdocviewsinglepatient.php of rickxy Hospital Management System version 1.0 contains an SQL injection vulnerability. The patnumber GET parameter is directly concatenated into SQL queries without proper sanitization, allowing authenticated attacke...
CVE-2022-46499
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...
CVE-2022-46497
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...
CVE-2022-46499
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...
CVE-2022-46497
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...
Sql injection
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...
Sql injection
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...
CVE-2022-46497
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...
CVE-2022-46497
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisdocviewsinglepatien.php...
CVE-2022-46499
Hospital Management System 1.0 contains a SQL injection vulnerability in the pat_number parameter of his_admin_view_single_patient.php. Affected component is the web application’s single-patient admin view; root cause is improper handling of input leading to SQL injection. CVSSv3.1 base score is ...
CVE-2022-46499
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...
Hospital Management System Security Vulnerability
The Hospital Management System HMS is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. A security vulnerability exists in Hospital Management System version 1.0 that stems from an SQL injection vulnerability contained...
CVE-2022-46499
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the patnumber parameter at hisadminviewsinglepatient.php...