Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Doctor Appointment System Project Subscribe
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-27320 1 Doctor Appointment System Project 1 Doctor Appointment System 2021-03-24 5.0 MEDIUM 7.5 HIGH
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter.
CVE-2021-27316 1 Doctor Appointment System Project 1 Doctor Appointment System 2021-03-24 5.0 MEDIUM 7.5 HIGH
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via lastname parameter.
CVE-2021-27319 1 Doctor Appointment System Project 1 Doctor Appointment System 2021-03-24 5.0 MEDIUM 7.5 HIGH
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via email parameter.
CVE-2021-27315 1 Doctor Appointment System Project 1 Doctor Appointment System 2021-03-24 5.0 MEDIUM 7.5 HIGH
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter.
CVE-2021-27318 1 Doctor Appointment System Project 1 Doctor Appointment System 2021-03-08 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter.
CVE-2021-27317 1 Doctor Appointment System Project 1 Doctor Appointment System 2021-03-08 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.
CVE-2021-27314 1 Doctor Appointment System Project 1 Doctor Appointment System 2021-03-05 7.5 HIGH 9.8 CRITICAL
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page.
CVE-2021-27124 1 Doctor Appointment System Project 1 Doctor Appointment System 2021-02-24 4.0 MEDIUM 6.5 MEDIUM
SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack.