Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Doctor\'s Appointment System Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36201 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2022-09-30 N/A 9.8 CRITICAL
Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php.
CVE-2022-36202 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2022-09-06 N/A 9.8 CRITICAL
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.
CVE-2022-36203 1 Doctor\'s Appointment System Project 1 Doctor\'s Appointment System 2022-09-06 N/A 6.1 MEDIUM
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.