Hospital Management System Project: Security Vulnerabilities
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-03-15
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-03-15
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-03-15
HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-03-15
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-02-28
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-02-28
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-02-28
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files.
CVSS Score
9.1
EPSS Score
0.004
Published
2022-02-24
HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-02-24
SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-08-16