Vulnerabilities > Projectworlds > Hospital Management System IN PHP

DATE CVE VULNERABILITY TITLE RISK
2023-09-28 CVE-2023-5004 SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 20180617
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-09-28 CVE-2023-5053 SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 20180617
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2022-03-16 CVE-2021-45852 Always-Incorrect Control Flow Implementation vulnerability in Projectworlds Hospital Management System in PHP 1.0
An issue was discovered in Projectworlds Hospital Management System v1.0.
network
low complexity
projectworlds CWE-670
5.0
5.0
2021-12-22 CVE-2021-43628 SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.
network
low complexity
projectworlds CWE-89
7.5
7.5
2021-12-22 CVE-2021-43629 SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php.
network
low complexity
projectworlds CWE-89
7.5
7.5
2021-12-22 CVE-2021-43630 SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php.
network
low complexity
projectworlds CWE-89
6.5
6.5
2021-12-22 CVE-2021-43631 SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php.
network
low complexity
projectworlds CWE-89
7.5
7.5