Lucene search
+L

2413 matches found

nuclei
nuclei
added 12 hours ago53 views

Hospital Management System 1.0 - Cross-Site Scripting

Hospital Management System 1.0 contains a cross-site scripting vulnerability via the searchdata parameter in doctor/search.php and patient-search.php. id: CVE-2021-39411 info: name: Hospital Management System 1.0 - Cross-Site Scripting author: arafatansari severity: high description: | Hospital...

6.1CVSS6.4AI score0.0089EPSS
Exploits0References2
euvd
euvd
added 5 days ago5 views

EUVD-2026-43127

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

6.5CVSS6.1AI score0.00281EPSS
Exploits0References8
patchstack
patchstack
added 6 days ago4 views

WordPress KiviCare plugin <= 4.5.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by PRISM - Wordfence in WordPress Plugin KiviCare versions = 4.5.0...

6.5CVSS6.1AI score0.00249EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/07/05 10:30 p.m.31 views

CVE-2026-14774 itsourcecode Hospital Management System paymentdischarge.php sql injection

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS0.00204EPSS
Exploits0References6
cve
cve
added 2026/07/05 10:15 p.m.18 views

CVE-2026-14773

Affects itsourcecode Hospital Management System 1.0. The vulnerability is in the /payment.php file, where manipulating the patientid parameter leads to SQL injection. It is remotely exploitable and the exploit has been made public, enabling potential attackers to weaponize it. The CVSS-based summ...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
nvd
nvd
added 2026/07/05 9:16 a.m.10 views

CVE-2026-14731

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5CVSS0.002EPSS
Exploits0References6
nvd
nvd
added 2026/07/05 9:16 a.m.8 views

CVE-2026-14730

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientprofile.php. Performing a manipulation of the argument patientname results in sql injection. The attack can be initiated remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References6
euvd
euvd
added 2026/07/05 8:30 a.m.10 views

EUVD-2026-41739

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/07/05 8:30 a.m.9 views

CVE-2026-14731

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6Affected Software1
cve
cve
added 2026/07/05 8:30 a.m.19 views

CVE-2026-14731

CVE-2026-14731 affects the itsourcecode Hospital Management System 1.0. The vulnerability is in an unknown portion of the file /patientreport.php where manipulating the argument editid leads to SQL injection. It can be exploited remotely and, per the description, the exploit has been made publicl...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6
cvelist
cvelist
added 2026/07/05 8:30 a.m.38 views

CVE-2026-14731 itsourcecode Hospital Management System patientreport.php sql injection

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5CVSS0.002EPSS
Exploits0References6
cve
cve
added 2026/07/05 8:15 a.m.17 views

CVE-2026-14730

The vulnerability CVE-2026-14730 affects itsourcecode Hospital Management System 1.0. Affected component: /patientprofile.php where manipulating the patientname parameter enables SQL injection. Exploitation is remote; an exploit is publicly available. According to the description, the impact is c...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
cvelist
cvelist
added 2026/07/05 6:0 a.m.30 views

CVE-2026-14717 itsourcecode Hospital Management System patientlogin.php sql injection

A vulnerability was detected in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /patientlogin.php. Performing a manipulation of the argument loginid results in sql injection. Remote exploitation of the attack is possible. The exploit is now...

6.5CVSS0.002EPSS
Exploits0References6
nvd
nvd
added 2026/07/05 5:16 a.m.10 views

CVE-2026-14703

A vulnerability has been found in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /patientorder.php. Such manipulation of the argument editid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and...

6.5CVSS0.002EPSS
Exploits0References6
euvd
euvd
added 2026/07/05 4:15 a.m.8 views

EUVD-2026-41722

A vulnerability has been found in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /patientorder.php. Such manipulation of the argument editid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and...

6.5CVSS5.8AI score0.002EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/07/05 12:0 a.m.8 views

PT-2026-55830

Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A remote SQL injection exists in the /payment.php endpoint. The issue occurs when the patientid argument is manipulated, allowing an attacker to execute arbitrary SQL commands on...

6.5CVSS7AI score0.00204EPSS
Exploits0References9
nvd
nvd
added 2026/07/04 6:16 p.m.11 views

CVE-2026-14638

A flaw has been found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /patient.php. This manipulation of the argument editid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

6.5CVSS0.002EPSS
Exploits0References6
nvd
nvd
added 2026/06/29 3:16 p.m.9 views

CVE-2026-13578

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References6
euvd
euvd
added 2026/06/29 2:30 p.m.9 views

EUVD-2026-40120

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/29 2:30 p.m.40 views

CVE-2026-13578 itsourcecode Hospital Management System patientdetail.php sql injection

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References6
Rows per page
Query Builder