114 matches found
CVE-2025-70063
The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...
CVE-2025-70063
The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...
CVE-2025-70063
The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...
PHPGurukul Hospital Management System 安全漏洞
PHPGurukul Hospital Management System is a hospital management system developed by PHPGurukul company, based on PHP and MySQL. The PHPGurukul Hospital Management System v4.0 version has a security vulnerability. This vulnerability arises from the Medical History module not verifying the ownership...
PT-2026-20483
The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...
CVE-2025-70063
The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...
CVE-2023-31936
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file...
Complete Online Beauty Parlor Management System /view-appointment.php File SQL Injection Vulnerability
Complete Online Beauty Parlor Management System is an online beauty parlor management system. The Complete Online Beauty Parlor Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter viewid i...
CVE-2025-14990
A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing a manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The explo...
EUVD-2025-204664
A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The exploit...
CVE-2025-14990
A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing a manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The explo...
CVE-2025-14990 Campcodes Complete Online Beauty Parlor Management System view-appointment.php sql injection
A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing a manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The explo...
CVE-2025-14990
A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing a manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The explo...
CVE-2025-14990
The CVE-2025-14990 issue affects Campcodes Complete Online Beauty Parlor Management System 1.0. The vulnerability is an SQL injection in the file /admin/view-appointment.php, caused by manipulation of the viewid parameter in an unknown function. The attack can be performed remotely, and public ex...
CampCodes Complete Online Beauty Parlor Management System SQL注入漏洞
Complete Online Beauty Parlor Management System is an online beauty parlor management system. The Complete Online Beauty Parlor Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter viewid i...
EUVD-2025-26656
Malicious code in bioql PyPI...
EUVD-2025-30430
Malicious code in bioql PyPI...
EUVD-2025-28425
Malicious code in bioql PyPI...
CVE-2025-10825
A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. Affected is an unknown function of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit is publicly available...
CVE-2025-10825
A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. Affected is an unknown function of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit is publicly available...