4 matches found
CVE-2023-6425
The CVE-2023-6425 issue affects BigProf Online Clinic Management System 2.2. It describes persistent XSS caused by insufficient encoding of user-controlled input in the FirstRecord parameter of the /clinic/medical_records_view.php endpoint. The vulnerability could allow an attacker to store JavaS...
CVE-2023-6424
BigProf Online Clinic Management System v2.2 contains a persistent XSS in the FirstRecord parameter of /clinic/disease_symptoms_view.php due to insufficient input encoding. Exploitation could allow storing JavaScript payloads that execute when the affected page loads. Connected sources (NVD/CVE e...
CVE-2023-6423
Summary: CVE-2023-6423 affects BigProf Online Clinic Management System 2.2, with a persistent XSS in the FirstRecord parameter of /clinic/events_view.php due to insufficient input encoding. This could allow an attacker to store JavaScript payloads that execute when the page loads. Affirmed detail...
CVE-2023-6422
Summary: CVE-2023-6422 affects BigProf Online Clinic Management System 2.2. The vulnerability is a persistent XSS in the FirstRecord parameter of the endpoint /clinic/patients_view.php due to insufficient encoding of user-supplied input. This can allow an attacker to store JavaScript payloads on ...