16 matches found
EUVD-2024-16060
Malicious code in bioql PyPI...
CVE-2024-6273
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as problematic. Affected by this vulnerability is the function savepatient of the file patientside.php. The manipulation of the argument Full Name/Contact/Address leads to cross site scripting. The attack...
CVE-2024-0265
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiate...
CVE-2024-6273 SourceCodester Clinic Queuing System patient_side.php save_patient cross site scripting
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as problematic. Affected by this vulnerability is the function savepatient of the file patientside.php. The manipulation of the argument Full Name/Contact/Address leads to cross site scripting. The attack...
CVE-2024-6273 SourceCodester Clinic Queuing System patient_side.php save_patient cross site scripting
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as problematic. Affected by this vulnerability is the function savepatient of the file patientside.php. The manipulation of the argument Full Name/Contact/Address leads to cross site scripting. The attack...
CVE-2024-6273
SourceCodester Clinic Queuing System 1.0 is affected. The vulnerability is in the function save_patient of patient_side.php, where manipulating Full Name/Contact/Address leads to cross-site scripting. The issue can be exploited remotely and the exploit has been publicly disclosed. No patch detail...
CVE-2024-0265
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiate...
CVE-2024-0264
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /LoginRegistration.php. The manipulation of the argument formToken leads to authorization bypass. The attack can be initiated remotely. The...
Design/Logic Flaw
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiate...
Authorization
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /LoginRegistration.php. The manipulation of the argument formToken leads to authorization bypass. The attack can be initiated remotely. The...
CVE-2024-0265 SourceCodester Clinic Queuing System GET Parameter index.php file inclusion
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiate...
CVE-2024-0265 SourceCodester Clinic Queuing System GET Parameter index.php file inclusion
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiate...
CVE-2024-0265
CVE-2024-0265 affects SourceCodester Clinic Queuing System 1.0. The issue is a local file inclusion (LFI) via the GET parameter handler in the file /index.php, where the argument page is unsafely used in an include(). The root cause is the unsanitized input being incorporated into PHP include(), ...
CVE-2024-0264 SourceCodester Clinic Queuing System LoginRegistration.php authorization
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /LoginRegistration.php. The manipulation of the argument formToken leads to authorization bypass. The attack can be initiated remotely. The...
CVE-2024-0264 SourceCodester Clinic Queuing System LoginRegistration.php authorization
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /LoginRegistration.php. The manipulation of the argument formToken leads to authorization bypass. The attack can be initiated remotely. The...
CVE-2024-0264
CVE-2024-0264 affects SourceCodester Clinic Queuing System 1.0 in the /LoginRegistration.php handling of formToken. The root cause is an authorization bypass due to a flawed validation of formToken (session vs. POST) that allows remote exploitation; multiple sources document this CVE and indicate...