Vulnerabilities > Phpgurukul > Hospital Management System > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-10 CVE-2020-26629 Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Hospital Management System 4.0
A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server.
network
low complexity
phpgurukul CWE-434
critical
 9.8
9.8
2024-01-10 CVE-2024-0364 SQL Injection vulnerability in PHPgurukul Hospital Management System 1.0
A vulnerability, which was classified as critical, was found in PHPGurukul Hospital Management System 1.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-01-10 CVE-2024-0363 SQL Injection vulnerability in PHPgurukul Hospital Management System 1.0
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-01-10 CVE-2024-0362 SQL Injection vulnerability in PHPgurukul Hospital Management System 1.0
A vulnerability classified as critical was found in PHPGurukul Hospital Management System 1.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-01-10 CVE-2024-0361 SQL Injection vulnerability in PHPgurukul Hospital Management System 1.0
A vulnerability classified as critical has been found in PHPGurukul Hospital Management System 1.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-01-10 CVE-2024-0360 SQL Injection vulnerability in PHPgurukul Hospital Management System 1.0
A vulnerability was found in PHPGurukul Hospital Management System 1.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2023-05-11 CVE-2023-31498 Session Fixation vulnerability in PHPgurukul Hospital Management System 4.0
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter.
network
low complexity
phpgurukul CWE-384
critical
 9.8
9.8
2022-01-31 CVE-2022-24263 SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8