Hospital Management System Security Vulnerabilities and Issues — Hospital Management System CVE List

Lucene search

PhpgurukulHospital Management System

10 matches found

CVE•added 2024/01/10 9:15 a.m.•45 views

CVE-2020-26629

A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server.

9.8CVSS9.4AI score0.00718EPSS

CVE•added 2024/01/10 9:15 a.m.•43 views

CVE-2020-26630

A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the 'Doctor Specialization' field under the 'Go to Doctors' tab after logging in as an admin.

4.9CVSS5.5AI score0.00123EPSS

CVE•added 2024/01/10 3:15 a.m.•36 views

CVE-2024-0364

A vulnerability, which was classified as critical, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The exploit has been disclosed to the public and may be u...

9.8CVSS9.6AI score0.00053EPSS

CVE•added 2024/01/10 3:15 a.m.•35 views

CVE-2024-0363

A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file admin/patient-search.php. The manipulation of the argument searchdata leads to sql injection. The exploit has been disclos...

9.8CVSS9.5AI score0.00053EPSS

CVE•added 2024/01/10 9:15 a.m.•33 views

CVE-2020-26628

A Cross-Site Scripting (XSS) vulnerability was discovered in Hospital Management System V4.0 which allows an attacker to execute arbitrary web scripts or HTML code via a malicious payload appended to a username on the 'Edit Profile" page and triggered by another user visiting the profile.

6.1CVSS5.8AI score0.00235EPSS

CVE•added 2024/01/10 3:15 a.m.•31 views

CVE-2024-0361

A vulnerability classified as critical has been found in PHPGurukul Hospital Management System 1.0. Affected is an unknown function of the file admin/contact.php. The manipulation of the argument mobnum leads to sql injection. The exploit has been disclosed to the public and may be used. The identi...

9.8CVSS9.7AI score0.00057EPSS

CVE•added 2024/01/07 6:15 p.m.•29 views

CVE-2024-0286

A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file index.php#contact_us of the component Contact Form. The manipulation of the argument Name/Email/Message leads to cross site scripting. It is possibl...

6.1CVSS6AI score0.00151EPSS

CVE•added 2024/01/10 3:15 a.m.•26 views

CVE-2024-0362

A vulnerability classified as critical was found in PHPGurukul Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/change-password.php. The manipulation of the argument cpass leads to sql injection. The exploit has been disclosed to the publi...

9.8CVSS9.7AI score0.00053EPSS

CVE•added 2024/01/10 9:15 a.m.•24 views

CVE-2020-26627

A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries -> Unread Query' tab.

4.9CVSS5.4AI score0.00123EPSS

CVE•added 2024/01/10 2:15 a.m.•23 views

CVE-2024-0360

A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/edit-doctor-specialization.php. The manipulation of the argument doctorspecilization leads to sql injection. The exploit has been discl...

9.8CVSS9.6AI score0.00057EPSS