Vulnerabilities > Phpgurukul > Hospital Management System > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-11-05 CVE-2021-39411 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the (1) searchdata parameter in (a) doctor/search.php and (b) admin/patient-search.php, and the (2) fromdate and (3) todate parameters in admin/betweendates-detailsreports.php.
network
low complexity
phpgurukul CWE-79
6.1
2021-06-22 CVE-2020-22167 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php.
network
low complexity
phpgurukul CWE-79
5.4
2020-10-08 CVE-2020-25271 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/patient-search.php, doctor/search.php, book-appointment.php, doctor/appointment-history.php, or admin/appointment-history.php.
network
low complexity
phpgurukul CWE-79
5.4
2020-01-14 CVE-2020-5193 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter.
network
low complexity
phpgurukul CWE-79
6.1
2020-01-06 CVE-2020-5191 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities.
network
low complexity
phpgurukul CWE-79
6.1