RSS   Vulnerabilities for 'Hospital managment system'   RSS

2022-05-16
 
CVE-2022-30011

CWE-89
 

 
In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability.

 
2022-03-31
 
CVE-2022-26546

CWE-862
 

 
Hospital Management System v1.0 was discovered to lack an authorization component, allowing attackers to access sensitive information and obtain the admin password.

 
2022-03-15
 
CVE-2022-25490

CWE-89
 

 
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.

 
 
CVE-2022-25491

CWE-89
 

 
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.

 
 
CVE-2022-25492

CWE-89
 

 
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.

 
 
CVE-2022-25493

CWE-79
 

 
HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top