Vulnerabilities > Hospital S Patient Records Management System Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-16	CVE-2022-22853	Cross-site Scripting vulnerability in Hospital'S Patient Records Management System Project Hospital'S Patient Records Management System 1.0 A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field. network low complexity hospital-s-patient-records-management-system-project CWE-79	5.4
2022-02-14	CVE-2022-22854	Missing Authorization vulnerability in Hospital'S Patient Records Management System Project Hospital'S Patient Records Management System 1.0 An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list. network low complexity hospital-s-patient-records-management-system-project CWE-862	8.8
2022-01-26	CVE-2022-22852	Cross-site Scripting vulnerability in Hospital'S Patient Records Management System Project Hospital'S Patient Records Management System 1.0 A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list. network low complexity hospital-s-patient-records-management-system-project CWE-79	5.4
2022-01-26	CVE-2022-22850	Cross-site Scripting vulnerability in Hospital'S Patient Records Management System Project Hospital'S Patient Records Management System 1.0 A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types. network low complexity hospital-s-patient-records-management-system-project CWE-79	5.4
2022-01-26	CVE-2022-22851	Cross-site Scripting vulnerability in Hospital'S Patient Records Management System Project Hospital'S Patient Records Management System 1.0 A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php network low complexity hospital-s-patient-records-management-system-project CWE-79	5.4
2022-01-24	CVE-2022-22296	Incorrect Default Permissions vulnerability in Hospital'S Patient Records Management System Project Hospital'S Patient Records Management System 1.0 Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. network low complexity hospital-s-patient-records-management-system-project CWE-276	5.3