Vulnerabilities > Phpgurukul > Hospital Management System

DATE CVE VULNERABILITY TITLE RISK
2023-12-30 CVE-2023-7173 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 1.0
A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0.
network
low complexity
phpgurukul CWE-79
5.4
5.4
2023-12-30 CVE-2023-7172 SQL Injection vulnerability in PHPgurukul Hospital Management System 1.0
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0.
network
low complexity
phpgurukul CWE-89
7.2
7.2
2023-05-11 CVE-2023-31498 Session Fixation vulnerability in PHPgurukul Hospital Management System 4.0
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter.
network
low complexity
phpgurukul CWE-384
critical
 9.8
9.8
2022-10-28 CVE-2021-35387 SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0
Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php.
network
low complexity
phpgurukul CWE-89
8.8
8.8
2022-10-28 CVE-2021-35388 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
Hospital Management System v 4.0 is vulnerable to Cross Site Scripting (XSS) via /hospital/hms/admin/patient-search.php.
network
low complexity
phpgurukul CWE-79
5.4
5.4
2022-10-21 CVE-2022-42205 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via add-patient.php.
network
low complexity
phpgurukul CWE-79
5.4
5.4
2022-10-21 CVE-2022-42206 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via doctor/view-patient.php, admin/view-patient.php, and view-medhistory.php.
network
low complexity
phpgurukul CWE-79
5.4
5.4
2022-02-15 CVE-2022-24226 SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php.
network
low complexity
phpgurukul CWE-89
7.5
7.5
2022-02-10 CVE-2022-24646 SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters.
network
low complexity
phpgurukul CWE-89
7.5
7.5
2022-01-31 CVE-2022-24263 SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8