Lucene search
K

11 matches found

NVD
NVD
added 2 days ago5 views

CVE-2026-14730

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientprofile.php. Performing a manipulation of the argument patientname results in sql injection. The attack can be initiated remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References6
CVE
CVE
added 2 days ago9 views

CVE-2026-14730

The vulnerability CVE-2026-14730 affects itsourcecode Hospital Management System 1.0. Affected component: /patientprofile.php where manipulating the patientname parameter enables SQL injection. Exploitation is remote; an exploit is publicly available. According to the description, the impact is c...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-27551

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.01218EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/04/05 11:24 p.m.16 views

CVE-2025-3185

A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient/patientupdateprofile.php. The manipulation of the argument patientFirstName leads to sql injection. It is possible to...

9.8CVSS7.4AI score0.00584EPSS
Exploits1References1
NVD
NVD
added 2025/04/03 11:15 p.m.8 views

CVE-2025-3184

A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file /patient/profile.php?patientId=1. The manipulation of the argument patientFirstName leads to sql injection. The attack may be...

9.8CVSS0.00551EPSS
Exploits1References4
CVE
CVE
added 2025/04/03 11:0 p.m.43 views

CVE-2025-3185

Vulnerability CVE-2025-3185 affects Projectworlds Online Doctor Appointment Booking System 1.0. The /patient/patientupdateprofile.php endpoint’s patientFirstName parameter can be manipulated to trigger SQL injection, with remote exploitation reportedly possible and publicly disclosed. Multiple co...

9.8CVSS7.6AI score0.00584EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2025/04/03 10:31 p.m.43 views

CVE-2025-3184

CVE-2025-3184 affects projectworlds Online Doctor Appointment Booking System 1.0. The vulnerability is a SQL injection in the /patient/profile.php endpoint (parameter patientFirstName, with patientId=1) caused by improper handling of input. The attack can be launched remotely and exploit details ...

9.8CVSS7.6AI score0.00551EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2023/07/21 5:15 a.m.18 views

Sql injection

A vulnerability was found in Hospital Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file patientprofile.php. The manipulation of the argument address leads to sql injection. The attack may be initiated remotely. The exploit has been...

6.5CVSS9.7AI score0.00634EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/07/21 12:0 a.m.4 views

Hospital Management System SQL注入漏洞

Hospital Management System HMS is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. A SQL injection vulnerability exists in Hospital Management System version 1.0, which stems from the presence of an unknown function i...

9.8CVSS7AI score0.00634EPSS
Exploits1References5
NVD
NVD
added 2022/04/06 2:15 a.m.16 views

CVE-2021-40374

A stored cross-site scripting XSS vulnerability was identified in Apperta Foundation OpenEyes 3.5.1. Updating a patient's details allows remote attackers to inject arbitrary web script or HTML via the Address1 parameter. This JavaScript then executes when the patient profile is loaded, which coul...

5.4CVSS0.01218EPSS
Exploits1References2
OSV
OSV
added 2022/04/06 2:15 a.m.13 views

CVE-2021-40374

A stored cross-site scripting XSS vulnerability was identified in Apperta Foundation OpenEyes 3.5.1. Updating a patient's details allows remote attackers to inject arbitrary web script or HTML via the Address1 parameter. This JavaScript then executes when the patient profile is loaded, which coul...

5.4CVSS4.9AI score0.01218EPSS
Exploits1References2
Rows per page
Query Builder