Hospital Management System Project - Hospital Management System CVE - CVE Search - CVE Details

Filtered by vendor Hospital Management System Project Subscribe

Filtered by product Hospital Management System

Total 39 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-25491	1 Hospital Management System Project	1 Hospital Management System	2022-05-12	7.5 HIGH	7.5 HIGH
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.
CVE-2022-25490	1 Hospital Management System Project	1 Hospital Management System	2022-05-12	7.5 HIGH	9.8 CRITICAL
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.
CVE-2022-27413	1 Hospital Management System Project	1 Hospital Management System	2022-05-12	7.5 HIGH	9.8 CRITICAL
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php.
CVE-2022-27420	1 Hospital Management System Project	1 Hospital Management System	2022-05-11	7.5 HIGH	9.8 CRITICAL
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
CVE-2022-27299	1 Hospital Management System Project	1 Hospital Management System	2022-05-05	7.5 HIGH	9.8 CRITICAL
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php.
CVE-2022-24136	1 Hospital Management System Project	1 Hospital Management System	2022-04-07	7.5 HIGH	9.8 CRITICAL
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it.
CVE-2022-25409	1 Hospital Management System Project	1 Hospital Management System	2022-03-08	3.5 LOW	5.4 MEDIUM
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php.
CVE-2022-25408	1 Hospital Management System Project	1 Hospital Management System	2022-03-08	3.5 LOW	5.4 MEDIUM
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php.
CVE-2022-25407	1 Hospital Management System Project	1 Hospital Management System	2022-03-08	3.5 LOW	5.4 MEDIUM
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php.
CVE-2022-25403	1 Hospital Management System Project	1 Hospital Management System	2022-03-03	7.5 HIGH	9.8 CRITICAL
HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php.
CVE-2022-25402	1 Hospital Management System Project	1 Hospital Management System	2022-03-03	6.4 MEDIUM	9.1 CRITICAL
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files.
CVE-2022-24226	1 Hospital Management System Project	1 Hospital Management System	2022-02-23	5.0 MEDIUM	7.5 HIGH
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php.
CVE-2022-24646	1 Hospital Management System Project	1 Hospital Management System	2022-02-16	7.8 HIGH	7.5 HIGH
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters.
CVE-2022-24263	1 Hospital Management System Project	1 Hospital Management System	2022-02-11	7.5 HIGH	9.8 CRITICAL
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
CVE-2021-39411	1 Hospital Management System Project	1 Hospital Management System	2021-11-09	4.3 MEDIUM	6.1 MEDIUM
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the (1) searchdata parameter in (a) doctor/search.php and (b) admin/patient-search.php, and the (2) fromdate and (3) todate parameters in admin/betweendates-detailsreports.php.
CVE-2021-38754	1 Hospital Management System Project	1 Hospital Management System	2021-11-02	7.5 HIGH	9.8 CRITICAL
SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php.
CVE-2021-38755	1 Hospital Management System Project	1 Hospital Management System	2021-08-23	5.0 MEDIUM	5.3 MEDIUM
Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php.
CVE-2021-38757	1 Hospital Management System Project	1 Hospital Management System	2021-08-23	4.3 MEDIUM	6.1 MEDIUM
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php.
CVE-2021-38756	1 Hospital Management System Project	1 Hospital Management System	2021-08-23	4.3 MEDIUM	6.1 MEDIUM
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through prescribe.php.

Vulnerabilities (CVE)