Vulnerabilities > Phpgurukul > Hospital Management System > 4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-10	CVE-2022-24646	SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters. network low complexity phpgurukul CWE-89	7.5
2022-01-31	CVE-2022-24263	SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. network low complexity phpgurukul CWE-89 critical	9.8
2021-11-05	CVE-2021-39411	Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0 Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the (1) searchdata parameter in (a) doctor/search.php and (b) admin/patient-search.php, and the (2) fromdate and (3) todate parameters in admin/betweendates-detailsreports.php. network low complexity phpgurukul CWE-79	6.1
2021-06-22	CVE-2020-22164	SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. network low complexity phpgurukul CWE-89	7.5
2021-06-22	CVE-2020-22165	SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. network low complexity phpgurukul CWE-89	7.5
2021-06-22	CVE-2020-22166	SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\forgot-password.php. network low complexity phpgurukul CWE-89	7.5
2021-06-22	CVE-2020-22167	Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. network low complexity phpgurukul CWE-79	5.4
2021-06-22	CVE-2020-22168	SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. network low complexity phpgurukul CWE-89	7.5
2021-06-22	CVE-2020-22169	SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. network low complexity phpgurukul CWE-89	7.5
2021-06-22	CVE-2020-22170	SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. network low complexity phpgurukul CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.