Lucene search
K
CodezipsHospital Appointment System

5 matches found

CVE
CVE
added 2024/10/28 2:31 p.m.53 views

CVE-2024-10449

CV_E-2024-10449 affects Codezips Hospital Appointment System 1.0. The vulnerability is in /loginAction.php where manipulating the Username parameter enables SQL injection. It can be exploited remotely and public disclosures exist; multiple sources rate it as critical/high impact with potential co...

9.8CVSS7.7AI score0.01369EPSS
CVE
CVE
added 2024/11/08 6:31 a.m.52 views

CVE-2024-10995

The CVE-2024-10995 entry affects Codezips Hospital Appointment System 1.0. The vulnerability is in the file /removeDoctorResult.php, where the Name parameter can cause SQL injection. It may be exploited remotely with low attack complexity and no privileges, risking confidentiality, integrity, and...

9.8CVSS7.6AI score0.00663EPSS
CVE
CVE
added 2024/11/08 5:0 a.m.49 views

CVE-2024-10991

The CVE-2024-10991 entry affects Codezips Hospital Appointment System 1.0, with the vulnerability located in /editBranchResult.php where manipulation of the ID parameter leads to SQL injection. The attack is described as remotely initiable, with public disclosure of the exploit. Concrete technica...

9.8CVSS7.7AI score0.00663EPSS
CVE
CVE
added 2024/11/04 7:31 p.m.48 views

CVE-2024-10791

Codezips Hospital Appointment System 1.0 is affected by a SQL injection in the /doctorAction.php handler, triggered by manipulating the Name argument. Exploitation can be remote, and multiple sources label the issue as CRITICAL with publicly disclosed exploits. Connected reports consistently note...

9.8CVSS7.7AI score0.00587EPSS
CVE
CVE
added 2024/11/10 6:0 p.m.47 views

CVE-2024-11057

CVE-2024-11057 is a confirmed vulnerability in Codezips Hospital Appointment System 1.0. The weakness resides in the file /removeBranchResult.php, where manipulation of the ID/Name parameter enables SQL injection. It is described as remotely exploitable, with public disclosures of exploits. Multi...

9.8CVSS7.7AI score0.00628EPSS
Web