10 matches found
CVE-2024-51360
An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file
CVE-2024-56990
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /view-medhistory.php and /admin/view-patient.php.
CVE-2024-56998
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit-profile.php via the parameter $address.
CVE-2024-56997
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /doctor/index.php via the 'Email' parameter.
CVE-2025-56216
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter.
CVE-2025-56212
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter.
CVE-2025-7176
A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view-medhistory.php. The manipulation of the argument viewid leads to sql injection. The attack can be launched remotely. ...
CVE-2025-7604
A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. Th...
CVE-2025-56214
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
CVE-2025-56215
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in contact.php via the pagetitle parameter.