CVE-2026-1146

A vulnerability has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /php/apiregisterpatient.php. Such manipulation of the argument firstName/lastName leads to cross site scripting. The...

CVE-2025-41003 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...

SourceCodester Clinics Patient Management System 安全漏洞

SourceCodester Clinics Patient Management System is a clinic patient management system from SourceCodester, Inc. A security vulnerability exists in SourceCodester Clinics Patient Management System version 2.0, which stems from the parameter message in the file /users.php that can lead to cross-si...

Doctor Appointment System 1.0 SQL Injection

Exploit Title: Doctor Appointment System 1.0 - Authenticated SQL Injection Date: 2021-02-09 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...