Doctor's Appointment System Project: >> Doctor's Appointment System Security Vulnerabilities
Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-31
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-08-31
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-08-31