Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Remote Clinic Security Vulnerabilities

cve
cve

CVE-2021-30030

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Full Name field on register-patient.php.

5.4CVSS

5.3AI Score

0.001EPSS

2021-04-13 12:15 AM
75
cve
cve

CVE-2021-30034

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Symptons field on patients/register-report.php.

5.4CVSS

5.3AI Score

0.001EPSS

2021-04-13 12:15 AM
75
cve
cve

CVE-2021-30039

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php.

5.4CVSS

5.3AI Score

0.001EPSS

2021-04-13 12:15 AM
81
cve
cve

CVE-2021-30042

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Clinic Name", "Clinic Address", "Clinic City", or "Clinic Contact" field on clinics/register.php

5.4CVSS

5.3AI Score

0.001EPSS

2021-04-13 12:15 AM
73
cve
cve

CVE-2021-30044

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the First Name or Last Name field on staff/register.php.

5.4CVSS

5.3AI Score

0.001EPSS

2021-04-13 12:15 AM
75
2
cve
cve

CVE-2021-31327

Stored XSS in Remote Clinic v2.0 in /medicines due to Medicine Name Field.

5.4CVSS

5.2AI Score

0.001EPSS

2021-04-21 04:15 PM
37
cve
cve

CVE-2021-31329

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Chat" and "Personal Address" field on staff/register.php

5.4CVSS

5.4AI Score

0.001EPSS

2021-04-21 04:15 PM
42
cve
cve

CVE-2021-39416

Multiple Cross Site Scripting (XSS) vulnerabilities exists in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact, (b) Email, (c) Weight, (d) Profession, (e) ref_contact, (f) address, (g) gender, (h) age, and (i) serial parameters; in (2) patients/edit-patient.php via the (a...

6.1CVSS

6.2AI Score

0.001EPSS

2021-11-05 04:15 PM
21
cve
cve

CVE-2022-48152

SQL Injection vulnerability in RemoteClinic 2.0 allows attackers to execute arbitrary commands and gain sensitive information via the id parameter to /medicines/profile.php.

9.8CVSS

9.9AI Score

0.002EPSS

2023-01-20 07:15 PM
19
cve
cve

CVE-2023-33478

RemoteClinic 2.0 has a SQL injection vulnerability in the ID parameter of /medicines/stocks.php.

9.8CVSS

9.7AI Score

0.001EPSS

2023-11-07 03:15 PM
17
cve
cve

CVE-2023-33479

RemoteClinic version 2.0 contains a SQL injection vulnerability in the /staff/edit.php file.

9.8CVSS

9.6AI Score

0.001EPSS

2023-11-07 03:15 PM
36
cve
cve

CVE-2023-33480

RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. The vulnerabilities are caused by a lack of input val...

8.8CVSS

9.1AI Score

0.001EPSS

2023-11-07 03:15 PM
17
cve
cve

CVE-2023-33481

RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php.

9.8CVSS

9.7AI Score

0.001EPSS

2023-11-07 03:15 PM
13