Hospital's Patient Records Management System Project: >> Hospital's Patient Records Management System Security Vulnerabilities
A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-02-16
An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-02-14
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-01-26
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-01-26
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php
CVSS Score
5.4
EPSS Score
0.002
Published
2022-01-26
Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-01-24
Page 3