Hospital's Patient Records Management System Security Vulnerabilities and Issues — Hospital's Patient Records Management System CVE List

Lucene search

Hospital's Patient Records Management System ProjectHospital's Patient Records Management System

26 matches found

CVE•added 2022/02/16 6:15 p.m.•134 views

CVE-2022-22853

A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field.

5.4CVSS5.2AI score0.00335EPSS

CVE•added 2022/02/24 7:15 p.m.•109 views

CVE-2022-25004

Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/doctors/manage_doctor.php.

9.8CVSS9.7AI score0.00356EPSS

CVE•added 2022/02/14 6:15 p.m.•105 views

CVE-2022-22854

An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list.

8.8CVSS8.7AI score0.00294EPSS

CVE•added 2022/01/24 2:15 p.m.•79 views

CVE-2022-22296

Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed.

5.3CVSS5.2AI score0.00131EPSS

CVE•added 2022/01/26 7:15 p.m.•77 views

CVE-2022-22850

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types.

5.4CVSS5.2AI score0.0018EPSS

CVE•added 2022/02/24 7:15 p.m.•77 views

CVE-2022-25003

Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/doctors/view_doctor.php.

9.8CVSS9.7AI score0.00441EPSS

CVE•added 2022/01/26 8:15 p.m.•65 views

CVE-2022-22852

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list.

5.4CVSS5.2AI score0.00261EPSS

CVE•added 2022/03/30 12:15 a.m.•64 views

CVE-2022-26244

5.4CVSS5.2AI score0.00181EPSS

CVE•added 2022/06/14 4:15 p.m.•61 views

CVE-2022-32352

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_admission.

9.8CVSS9.7AI score0.0025EPSS

CVE•added 2022/06/14 4:15 p.m.•58 views

CVE-2022-32350

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room_type.

7.2CVSS7.3AI score0.0026EPSS

CVE•added 2022/01/26 4:15 p.m.•57 views

CVE-2022-22851

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php

5.4CVSS5.2AI score0.0018EPSS

CVE•added 2022/02/24 7:15 p.m.•56 views

CVE-2022-24232

A local file inclusion in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

7.8CVSS7.7AI score0.00415EPSS

CVE•added 2022/06/14 4:15 p.m.•52 views

CVE-2022-32339

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/view_doctor.php?id=.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•51 views

CVE-2022-32351

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_message.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•50 views

CVE-2022-32349

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_history.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•49 views

CVE-2022-32343

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via hprms/admin/room_types/manage_room_type.php?id=.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•49 views

CVE-2022-32347

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•48 views

CVE-2022-32340

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=patients/view_patient&id=.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•48 views

CVE-2022-32345

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/manage_room.php?id=.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•47 views

CVE-2022-32342

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/room_types/view_room_type.php?id=.

7.2CVSS7.3AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•47 views

CVE-2022-32344

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient.

7.2CVSS7.3AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•47 views

CVE-2022-32346

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/view_room.php?id=.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•46 views

CVE-2022-32348

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_doctor.

7.2CVSS7.3AI score0.0026EPSS

CVE•added 2022/06/14 5:15 p.m.•45 views

CVE-2022-32337

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/manage_patient.php?id=.

9.8CVSS9.7AI score0.0025EPSS

CVE•added 2022/06/14 4:15 p.m.•44 views

CVE-2022-32338

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/manage_doctor.php?id=.

7.2CVSS7.4AI score0.0026EPSS

CVE•added 2022/06/14 4:15 p.m.•44 views

CVE-2022-32341

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=user/manage_user&id=.

7.2CVSS7.3AI score0.0026EPSS