Vulnerabilities > Bigprof > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-6422 | Cross-site Scripting vulnerability in Bigprof Online Clinic Management System 2.2 A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/patients_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6423 | Cross-site Scripting vulnerability in Bigprof Online Clinic Management System 2.2 A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/events_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6424 | Cross-site Scripting vulnerability in Bigprof Online Clinic Management System 2.2 A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/disease_symptoms_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6425 | Cross-site Scripting vulnerability in Bigprof Online Clinic Management System 2.2 A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/medical_records_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6426 | Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6 A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/invoices_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6427 | Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6 A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/invoices_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6428 | Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6 A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/items_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6429 | Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6 A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/clients_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6430 | Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6 A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/transactions_view.php, in the FirstRecord parameter. | 5.4 |
| 2023-11-30 | CVE-2023-6431 | Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6 A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/categories_view.php, in the FirstRecord parameter. | 5.4 |