117 matches found
Employee Records System 1.0 - Unauthenticated File Upload RCE
Employee Records System version 1.0 contains an unrestricted file upload vulnerability in uploadID.php that allows remote unauthenticated attackers to upload arbitrary PHP files and achieve remote code execution. id: CVE-2021-4462 info: name: Employee Records System 1.0 - Unauthenticated File...
CVE-2026-10184
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been...
CVE-2026-10184 SourceCodester Hospitals Patient Records Management System Users.php delete sql injection
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been...
CVE-2026-9356
A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/managehistory.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...
CVE-2026-9564
A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/viewpatient. Performing a manipulation of the argument Remarks results in cross site scripting. Remote exploitation ...
CVE-2026-9564
CVE-2026-9564 affects SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The vulnerability is located in the unknown function handling the file path /admin/?page=patients/view_patient, where manipulating the argument Remarks triggers a cross-site scripting (XSS) flaw. The i...
CVE-2026-9356
A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/managehistory.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...
CVE-2026-9356 SourceCodester Hospitals Patient Records Management System manage_history.php sql injection
A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/managehistory.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...
CVE-2026-9355 SourceCodester Hospitals Patient Records Management System Master.php save_patient_history sql injection
A flaw has been found in SourceCodester Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /classes/Master.php?f=savepatienthistory. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...
PT-2026-42914
A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/manage history.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...
SourceCodester Hospitals Patient Records Management System SQL注入漏洞
SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System has a SQL injection vulnerability. This vulnerability arises from...
CVE-2026-9342
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. Impacted is an unknown function of the file /admin/patients/viewhistory.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has be...
CVE-2026-9342
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. Impacted is an unknown function of the file /admin/patients/viewhistory.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has be...
SourceCodester Hospitals Patient Records Management System SQL注入漏洞
SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System contains a SQL injection vulnerability. This vulnerability stems from...
EUVD-2026-21295
A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematologyprint.php. Executing a manipulation of the argument hemid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-6006 code-projects Patient Record Management System edit_hpatient.php sql injection
A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2025-41004 Multiple vulnerabilities in Imaster products Open configuration options
Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projects/hospital/admin/complaints.php’ through the ‘id’ parameter...
CVE-2019-20183
uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code because file-extension validation is only on the client side. The attacker can modify global.js to allow the .php extension...
Exploit for Unrestricted Upload of File with Dangerous Type in Skittles Employee_Records_System
CVE-2021-4462 Test Environment Docker-based test environment...
PHPGurukul Student Record System 安全漏洞
Student Record Management System is a software application. Student Record Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the id and password parameters of login.php. An attacker can exploit this...