Medical Card Generation System Security Vulnerabilities and Issues — Medical Card Generation System CVE List

Lucene search

Anujk305Medical Card Generation System

8 matches found

CVE•added 2024/12/06 6:15 p.m.•59 views

CVE-2024-48703

PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter.

4.8CVSS6.1AI score0.00053EPSS

CVE•added 2025/05/23 3:15 p.m.•38 views

CVE-2024-51107

Multiple stored cross-site scripting (XSS) vulnerabilities in the component /mcgs/admin/contactus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle, pagedes, and emai...

4.8CVSS5.8AI score0.0004EPSS

CVE•added 2025/05/23 3:15 p.m.•37 views

CVE-2024-51108

Multiple stored cross-site scripting (XSS) vulnerabilities in the component /admin/card-bwdates-report.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fromdate and todate par...

5.4CVSS5.8AI score0.00034EPSS

CVE•added 2024/10/23 6:15 p.m.•35 views

CVE-2024-10297

A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulation of the argument editid leads to sql inject...

7.2CVSS5.2AI score0.00059EPSS

CVE•added 2025/05/19 3:15 p.m.•20 views

CVE-2024-51106

A cross-site scripting (XSS) vulnerability in the component mcgs/admin/aboutus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle parameter.

4.6CVSS5.9AI score0.00021EPSS

CVE•added 2025/06/27 4:15 p.m.•7 views

CVE-2025-50367

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript.

6.1CVSS5.5AI score0.00031EPSS

CVE•added 2025/06/27 4:15 p.m.•7 views

CVE-2025-50369

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php) of PHPGurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authorized admin to delete medical card records by sending a simple GET request without verifyi...

6.5CVSS6.7AI score0.00018EPSS

CVE•added 2025/06/27 4:15 p.m.•7 views

CVE-2025-50370

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...

6.5CVSS6.6AI score0.00018EPSS