Vulnerabilities > Bigprof > Online Clinic Management System > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2023-6422 Cross-site Scripting vulnerability in Bigprof Online Clinic Management System 2.2
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/patients_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6423 Cross-site Scripting vulnerability in Bigprof Online Clinic Management System 2.2
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/events_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6424 Cross-site Scripting vulnerability in Bigprof Online Clinic Management System 2.2
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/disease_symptoms_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6425 Cross-site Scripting vulnerability in Bigprof Online Clinic Management System 2.2
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/medical_records_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4