2413 matches found
Hospital Management System 1.0 - Cross-Site Scripting
Hospital Management System 1.0 contains a cross-site scripting vulnerability via the searchdata parameter in doctor/search.php and patient-search.php. id: CVE-2021-39411 info: name: Hospital Management System 1.0 - Cross-Site Scripting author: arafatansari severity: high description: | Hospital...
EUVD-2026-43127
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
WordPress KiviCare plugin <= 4.5.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by PRISM - Wordfence in WordPress Plugin KiviCare versions = 4.5.0...
CVE-2026-14774 itsourcecode Hospital Management System paymentdischarge.php sql injection
A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...
CVE-2026-14773
Affects itsourcecode Hospital Management System 1.0. The vulnerability is in the /payment.php file, where manipulating the patientid parameter leads to SQL injection. It is remotely exploitable and the exploit has been made public, enabling potential attackers to weaponize it. The CVSS-based summ...
CVE-2026-14731
A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...
CVE-2026-14730
A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientprofile.php. Performing a manipulation of the argument patientname results in sql injection. The attack can be initiated remotely. The explo...
EUVD-2026-41739
A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...
CVE-2026-14731
A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...
CVE-2026-14731
CVE-2026-14731 affects the itsourcecode Hospital Management System 1.0. The vulnerability is in an unknown portion of the file /patientreport.php where manipulating the argument editid leads to SQL injection. It can be exploited remotely and, per the description, the exploit has been made publicl...
CVE-2026-14731 itsourcecode Hospital Management System patientreport.php sql injection
A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...
CVE-2026-14730
The vulnerability CVE-2026-14730 affects itsourcecode Hospital Management System 1.0. Affected component: /patientprofile.php where manipulating the patientname parameter enables SQL injection. Exploitation is remote; an exploit is publicly available. According to the description, the impact is c...
CVE-2026-14717 itsourcecode Hospital Management System patientlogin.php sql injection
A vulnerability was detected in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /patientlogin.php. Performing a manipulation of the argument loginid results in sql injection. Remote exploitation of the attack is possible. The exploit is now...
CVE-2026-14703
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /patientorder.php. Such manipulation of the argument editid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and...
EUVD-2026-41722
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /patientorder.php. Such manipulation of the argument editid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and...
PT-2026-55830
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A remote SQL injection exists in the /payment.php endpoint. The issue occurs when the patientid argument is manipulated, allowing an attacker to execute arbitrary SQL commands on...
CVE-2026-14638
A flaw has been found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /patient.php. This manipulation of the argument editid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2026-13578
A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...
EUVD-2026-40120
A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...
CVE-2026-13578 itsourcecode Hospital Management System patientdetail.php sql injection
A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...