21 matches found
CVE-2025-5298
CVE-2025-5298 affects Campcodes Online Hospital Management System v1.0. The vulnerability lies in an unsafeguarded fromdate/todate parameter in /admin/betweendates-detailsreports.php, allowing remote SQL injection due to improper input handling. Multiple sources confirm exploitability and public ...
CVE-2025-5364
CVE-2025-5364 affects Campcodes Online Hospital Management System 1.0, with a SQL injection vulnerability in the /doctor/add-patient.php file where the patname parameter is manipulable. The root cause is an improper handling of user input in that function, enabling remote exploitation and potenti...
CVE-2025-5359
CVE-2025-5359 affects Campcodes Online Hospital Management System version 1.0. The vulnerability is in the file /appointment-history.php, where manipulation of the ID parameter leads to a SQL injection. The issue is exploitable remotely and has been publicly disclosed. Multiple connected sources ...
CVE-2025-5208
CVE-2025-5208 affects SourceCodester Online Hospital Management System 1.0. The vulnerability lies in /admin/check_availability.php where the emailid parameter is susceptible to SQL injection, enabling remote exploitation. Several connected documents corroborate the existence of a SQL injection i...
CVE-2025-5363
CVE-2025-5363 affects Campcodes Online Hospital Management System 1.0. The issue is a SQL injection in the /doctor/index.php file triggered by manipulating the Username argument. It is exploitable remotely and has been publicly disclosed. Various sources list high criticality with network access ...
CVE-2025-5246
CVE-2025-5246 affects Campcodes Online Hospital Management System 1.0. The vulnerability is an SQL injection in /hms/admin/query-details.php triggered by manipulating the adminremark parameter. It is a network-exposed issue with remote attack potential and has been publicly disclosed. Connected d...
CVE-2025-5360
CVE-2025-5360 affects Campcodes Online Hospital Management System 1.0, with the vulnerability located in the /book-appointment.php endpoint. The issue arises from unsafe handling of the doctor parameter, enabling SQL injection that can be triggered remotely over the network. Multiple sources corr...
CVE-2025-5362
CVE-2025-5362 affects Campcodes Online Hospital Management System 1.0. The vulnerability is an SQL injection in the file /admin/doctor-specilization.php caused by manipulating the parameter doctorspecilization, exploitable remotely. Multiple sources confirm exploitation possibilities and public d...
CVE-2025-5603
Campcodes Hospital Management System 1.0 contains a SQL injection in /registration.php, exploitable remotely by manipulating the full_name/username parameters. Multiple sources label the issue critical (CVSS-like scores range from high to critical), with attack vector NETWORK and no user interact...
CVE-2025-5361
CVE-2025-5361 affects Campcodes Online Hospital Management System 1.0. The vulnerability is an SQL injection in the /contact.php handler, triggered by manipulating the fullname parameter. Multiple sources confirm remote exploitation with public disclosure. Impact is SQL-related compromise of data...
CVE-2025-5224
CVE-2025-5224 affects Campcodes Online Hospital Management System 1.0. Affected is an unknown function in /admin/add-doctor.php where manipulating the Doctorspecialization parameter leads to a SQL injection. The vulnerability is exploitable remotely and the exploit has been disclosed publicly. Mu...
CVE-2025-5604
CVE-2025-5604 affects Campcodes Hospital Management System 1.0. The vulnerability is a SQL injection in the file /user-login.php triggered by manipulating the Username parameter. It is exploitable remotely over a network, with exploitation information publicly disclosed in the provided documents....
CVE-2025-5602
CVE-2025-5602 affects Campcodes Hospital Management System v1.0. The vulnerability is an SQL injection in the unknown function of the file /admin/registration.php , caused by manipulation of the full_name argument. It is exploitable remotely and the exploit has been disclosed publicly. Multiple s...
CVE-2025-5229
CVE-2025-5229 affects Campcodes Online Hospital Management System v1.0. The vulnerability is in /admin/view-patient.php where manipulating the viewid parameter leads to SQL injection. The issue can be triggered remotely and the exploit has been publicly disclosed. Connected sources consistently n...
CVE-2025-5365
CVE-2025-5365 affects Campcodes Online Hospital Management System v1.0. The vulnerability is a SQL injection in an unknown part of the file /admin/patient-search.php , triggered by manipulating the searchdata argument. It is exploitable remotely and the exploit has been disclosed publicly. Multip...
CVE-2025-6406
CVE-2025-6406 affects Campcodes Online Hospital Management System 1.0. The file /hms/forgot-password.php contains a vulnerability where manipulating the fullname argument leads to SQL injection. Documents describe remote exploitation and public disclosure of the exploit. Affected functionality is...
CVE-2025-6408
CVE-2025-6408 affects Campcodes Online Hospital Management System 1.0. The vulnerability is a SQL injection in /doctor/search.php caused by manipulation of the searchdata parameter. It can be exploited remotely, and public exploit discussion is noted. Impact is described with high/critical covena...
CVE-2025-9754
CVE-2025-9754 affects Campcodes Online Hospital Management System 1.0, specifically the Edit Profile Page (unknown function in /edit-profile.php). Manipulating the Username parameter may trigger cross-site scripting. The attack can be launched remotely and the exploit has been published. Public r...
CVE-2025-6407
CVE-2025-6407 affects Campcodes Online Hospital Management System 1.0, with the vulnerability located in /user-login.php where the Username parameter enables SQL injection. Reported remotely with a PROOF-OF-CONCEPT exploit; impact per CVSS metrics is HIGH for confidentiality, integrity, and avail...
CVE-2025-63719
CVE-2025-63719 affects Campcodes Online Hospital Management System 1.0. A SQL Injection flaw exists in the admin panel at /admin/index.php, exploitable through the username parameter. The CVE’s metrics show a CVSS 3.1 base score of 7.3 (HIGH) with network access and no privileges required, and lo...
CVE-2025-9753
CVE-2025-9753 affects Campcodes Online Hospital Management System 1.0, with cross-site scripting in /admin/patient-search.php (Patient Search Module). The issue arises from manipulating the argument under Search by Name Mobile No, enabling remote exploitation. Multiple sources consistently descri...