Vulnerabilities > Hospital Management System Project

DATE CVE VULNERABILITY TITLE RISK
2022-03-15 CVE-2022-25490 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.
network
low complexity
hospital-management-system-project CWE-89
critical
9.8
2022-03-15 CVE-2022-25491 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.
7.5
2022-03-15 CVE-2022-25492 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.
network
low complexity
hospital-management-system-project CWE-89
critical
9.8
2022-03-15 CVE-2022-25493 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.
6.1
2022-02-28 CVE-2022-25407 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php.
5.4
2022-02-28 CVE-2022-25408 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php.
5.4
2022-02-28 CVE-2022-25409 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php.
5.4
2022-02-24 CVE-2022-25402 Unspecified vulnerability in Hospital Management System Project Hospital Management System 1.0
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files.
network
low complexity
hospital-management-system-project
critical
9.1
2022-02-24 CVE-2022-25403 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php.
network
low complexity
hospital-management-system-project CWE-89
critical
9.8
2021-08-16 CVE-2021-38754 SQL Injection vulnerability in Hospital Management System Project Hospital Management System
SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php.
network
low complexity
hospital-management-system-project CWE-89
critical
9.8