Vulnerabilities > Doctor Appointment System Project > Doctor Appointment System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-11 | CVE-2023-40945 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php. | 9.8 |
| 2023-08-15 | CVE-2023-39852 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 Doctormms v1.0 was discovered to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php. | 9.8 |
| 2021-03-24 | CVE-2021-27320 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter. | 5.0 |
| 2021-03-24 | CVE-2021-27319 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via email parameter. | 5.0 |
| 2021-03-24 | CVE-2021-27316 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via lastname parameter. | 5.0 |
| 2021-03-24 | CVE-2021-27315 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter. | 5.0 |
| 2021-03-05 | CVE-2021-27314 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page. | 7.5 |
| 2021-03-01 | CVE-2021-27318 | Cross-site Scripting vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter. | 4.3 |
| 2021-03-01 | CVE-2021-27317 | Cross-site Scripting vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter. | 4.3 |
| 2021-02-18 | CVE-2021-27124 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack. | 4.0 |