Vulnerabilities > Hospital Management System Project

DATE CVE VULNERABILITY TITLE RISK
2022-02-28 CVE-2022-25409 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System 1.0
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php. 		3.5
3.5
2022-02-24 CVE-2022-25402 Unspecified vulnerability in Hospital Management System Project Hospital Management System 1.0
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files.
network
low complexity
hospital-management-system-project
critical
 9.1
9.1
2022-02-24 CVE-2022-25403 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php. 		7.5
7.5
2021-08-16 CVE-2021-38754 SQL Injection vulnerability in Hospital Management System Project Hospital Management System
SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php. 		7.5
7.5
2021-08-16 CVE-2021-38755 Missing Authorization vulnerability in Hospital Management System Project Hospital Management System
Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. 		5.0
5.0
2021-08-16 CVE-2021-38756 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through prescribe.php. 		4.3
4.3
2021-08-16 CVE-2021-38757 Cross-site Scripting vulnerability in Hospital Management System Project Hospital Management System
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php. 		4.3
4.3