5 matches found
CVE-2024-10449
CV_E-2024-10449 affects Codezips Hospital Appointment System 1.0. The vulnerability is in /loginAction.php where manipulating the Username parameter enables SQL injection. It can be exploited remotely and public disclosures exist; multiple sources rate it as critical/high impact with potential co...
CVE-2024-10995
The CVE-2024-10995 entry affects Codezips Hospital Appointment System 1.0. The vulnerability is in the file /removeDoctorResult.php, where the Name parameter can cause SQL injection. It may be exploited remotely with low attack complexity and no privileges, risking confidentiality, integrity, and...
CVE-2024-10991
The CVE-2024-10991 entry affects Codezips Hospital Appointment System 1.0, with the vulnerability located in /editBranchResult.php where manipulation of the ID parameter leads to SQL injection. The attack is described as remotely initiable, with public disclosure of the exploit. Concrete technica...
CVE-2024-10791
Codezips Hospital Appointment System 1.0 is affected by a SQL injection in the /doctorAction.php handler, triggered by manipulating the Name argument. Exploitation can be remote, and multiple sources label the issue as CRITICAL with publicly disclosed exploits. Connected reports consistently note...
CVE-2024-11057
CVE-2024-11057 is a confirmed vulnerability in Codezips Hospital Appointment System 1.0. The weakness resides in the file /removeBranchResult.php, where manipulation of the ID/Name parameter enables SQL injection. It is described as remotely exploitable, with public disclosures of exploits. Multi...