Vulnerabilities > Hospital Management System Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-28	CVE-2022-25407	Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0 Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php. network low complexity hospital-management-system-project CWE-79	5.4
2022-02-28	CVE-2022-25408	Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0 Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php. network low complexity hospital-management-system-project CWE-79	5.4
2022-02-28	CVE-2022-25409	Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0 Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php. network low complexity hospital-management-system-project CWE-79	5.4
2022-02-24	CVE-2022-25402	Unspecified vulnerability in Hospital Management System Project Hospital Management System 1.0 An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files. network low complexity hospital-management-system-project critical	9.1
2022-02-24	CVE-2022-25403	SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0 HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php. network low complexity hospital-management-system-project CWE-89 critical	9.8
2021-08-16	CVE-2021-38754	SQL Injection vulnerability in Hospital Management System Project Hospital Management System SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php. network low complexity hospital-management-system-project CWE-89 critical	9.8
2021-08-16	CVE-2021-38755	Missing Authorization vulnerability in Hospital Management System Project Hospital Management System Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. network low complexity hospital-management-system-project CWE-862	5.3
2021-08-16	CVE-2021-38756	Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through prescribe.php. network low complexity hospital-management-system-project CWE-79	6.1
2021-08-16	CVE-2021-38757	Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php. network low complexity hospital-management-system-project CWE-79	6.1