CVE-2026-10186

A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...

EUVD-2026-33508

A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...

PT-2026-45197

A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...

CVE-2026-48227

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id and ticketid GET parameters directly into an HTML form action URL. Attackers can...

CVE-2026-48227 Open ISES Tickets < 3.44.2 Reflected XSS via patient.php id and ticket_id Parameters

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id and ticketid GET parameters directly into an HTML form action URL. Attackers can...

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of the id and ticketid GET parameters in the patient.php file, allowing...

PT-2026-42505

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id and ticket id GET parameters directly into an HTML form action URL. Attackers ca...

EUVD-2024-53479

Malicious code in bioql PyPI...

EUVD-2022-45281

Malicious code in bioql PyPI...

CVE-2025-9774 RemoteClinic edit-patient.php information disclosure

A vulnerability has been found in RemoteClinic up to 2.0. This issue affects some unknown processing of the file /patients/edit-patient.php. The manipulation of the argument Email leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public a...

CVE-2025-6613 PHPGurukul Hospital Management System manage-patient.php cross site scripting

A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulnerability is an unknown functionality of the file /doctor/manage-patient.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

CVE-2025-6613 PHPGurukul Hospital Management System manage-patient.php cross site scripting

A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulnerability is an unknown functionality of the file /doctor/manage-patient.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

Hospital Management System edit-patient.php file cross-site scripting vulnerability

Hospital Management System a PHP and MySQL based hospital management system. Hospital Management System has a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the parameter patname in the file /doctor/edit-patient.php,...

PT-2025-23401 · Sourcecodester · Sourcecodester Health Center Patient Record Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Health Center Patient Record Management System version 1.0 Description: A critical issue affects an unknown functionality of the file /patient.php. The manipulation of the argument itr no leads to SQL injection. The attack can ...

CVE-2025-5364 Campcodes Online Hospital Management System add-patient.php sql injection

A vulnerability was found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /doctor/add-patient.php. The manipulation of the argument patname leads to sql injection. The attack may be launched remotely...

CVE-2023-3809

A vulnerability was found in Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file patient.php. The manipulation of the argument address leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2021-35387

Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php...

CVE-2024-56990

PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting XSS in /view-medhistory.php and /admin/view-patient.php...

CVE-2024-46237

PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting XSS via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php...

Sql injection

A vulnerability was found in Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file patient.php. The manipulation of the argument address leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...