20 matches found
EUVD-2022-39252
Malicious code in bioql PyPI...
CVE-2022-36202
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control IDOR via id= parameter...
CVE-2022-36202
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control IDOR via id= parameter...
CVE-2022-36548
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field...
CVE-2022-36545
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php...
CVE-2022-36546
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery CSRF via /patient/settings.php...
CVE-2022-36545
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php...
CVE-2022-36546
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery CSRF via /patient/settings.php...
CVE-2022-36548
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field...
CVE-2022-36545
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php...
CVE-2022-36548
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field...
Sql injection
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php...
Cross site request forgery (csrf)
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery CSRF via /patient/settings.php...
CVE-2022-36546
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery CSRF via /patient/settings.php...
CVE-2022-36545
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php...
Edoc-doctor-appointment-system 跨站请求伪造漏洞
Edoc-doctor-appointment-system is a simple web project for e-access by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from a cross-site request forgery vulnerability discovered via /patient/settings.php...
Edoc-doctor-appointment-system 跨站脚本漏洞
Edoc-doctor-appointment-system is a simple web project for e-access by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from a stored cross-site scripting vulnerability discovered via /patient/settings.php. An attacker...
Edoc-doctor-appointment-system SQL注入漏洞
Edoc-doctor-appointment-system is a simple web project for e-access by HashenUdara Personal Developer. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from the discovery of a SQL injection vulnerability via the id parameter in /patient/settings.php...
PT-2022-23460
Name of the Vulnerable Software and Affected Versions Edoc-doctor-appointment-system version 1.0.1 Description The issue is related to a stored cross-site scripting XSS vulnerability. This vulnerability is located at the "/patient/settings.php" API endpoint and allows attackers to execute arbitra...
PT-2022-23458 · Unknown · Edoc-Doctor-Appointment-System
Name of the Vulnerable Software and Affected Versions: Edoc-doctor-appointment-system version 1.0.1 Description: The Edoc-doctor-appointment-system contains a Cross-Site Request Forgery CSRF issue via the "/patient/settings.php" API endpoint. This allows for potentially malicious requests to be...