RSS   Vulnerabilities for 'Hospital management system'   RSS

2022-07-01
 
CVE-2022-32093

CWE-89
 
 
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php.

 
 
CVE-2022-32094

CWE-89
 
 
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php.

 
 
CVE-2022-32095

CWE-89
 
 
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php.

 
2022-06-02
 
CVE-2021-44095

CWE-89
 
 
A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database.

 
2022-05-26
 
CVE-2022-30516

CWE-89
 
 
In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks.

 
2022-05-16
 
CVE-2022-30012

CWE-89
 
 
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection.

 
2022-05-15
 
CVE-2022-28929

CWE-89
 
 
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php.

 
2022-05-04
 
CVE-2022-27420

CWE-89
 
 
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.

 
2022-03-31
 
CVE-2022-24136

CWE-434
 
 
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it.

 
2022-02-28
 
CVE-2022-25407

CWE-79
 
 
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php.

 

Copyright 2024, cxsecurity.com

 

Back to Top