Vulnerabilities > Hospital Management System Project

DATE CVE VULNERABILITY TITLE RISK
2022-05-04 CVE-2022-27420 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
7.5
2022-05-03 CVE-2022-27413 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php.
7.5
2022-04-26 CVE-2022-27299 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php.
7.5
2022-03-31 CVE-2022-26546 Missing Authorization vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to lack an authorization component, allowing attackers to access sensitive information and obtain the admin password.
6.4
2022-03-31 CVE-2022-24136 Unrestricted Upload of File with Dangerous Type vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php.
7.5
2022-03-15 CVE-2022-25490 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.
7.5
2022-03-15 CVE-2022-25491 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.
7.5
2022-03-15 CVE-2022-25492 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.
7.5
2022-03-15 CVE-2022-25493 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.
4.3
2022-02-28 CVE-2022-25407 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php.
3.5