8 matches found
CVE-2026-3724 SourceCodester Patients Waiting Area Queue Management System checkin.php improper authorization
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. This impacts an unknown function of the file /checkin.php. This manipulation of the argument patientid causes improper authorization. It is possible to initiate the attack remotely. The exploit has...
CVE-2026-2149
A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /appointments.php. The manipulation of the argument patientid results in cross site scripting. It is possible to...
CVE-2026-2149 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System appointments.php cross site scripting
A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /appointments.php. The manipulation of the argument patientid results in cross site scripting. It is possible to...
CVE-2026-1147 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System api_patient_schedule.php cross site scripting
A vulnerability was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/apipatientschedule.php. Performing a manipulation of the argument Reason results in cross site scripting. It is possible to initiate the attac...
CVE-2026-1146
The CVE affects SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. The vulnerability is in the file /php/api_register_patient.php , where manipulating the arguments firstName /lastName leads to cross-site scripting (XSS) . It can be exploited remotely, and the exploit...
CVE-2025-13248 SourceCodester Patients Waiting Area Queue Management System api_patient_schedule.php sql injection
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/apipatientschedule.php. This manipulation of the argument appointmentID causes sql injection. The attack can be initiated remotely. The...
PT-2025-47083
Name of the Vulnerable Software and Affected Versions SourceCodester Patients Waiting Area Queue Management System version 1.0 Description A flaw exists in SourceCodester Patients Waiting Area Queue Management System 1.0. The issue involves SQL injection stemming from manipulation of the...
CVE-2025-13122 SourceCodester Patients Waiting Area Queue Management System api_patient_checkin.php getPatientAppointment sql injection
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...