CVEDB API

Vulnerabilities

Vulnerable Software

Kishan0725: Security Vulnerabilities

CVE-2025-63514

kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email parameter.

CVSS Score

6.1

EPSS Score

0.0

Published

2025-11-18

CVE-2025-63513

kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment cancellation functionality.

CVSS Score

6.5

EPSS Score

0.0

Published

2025-11-18

CVE-2025-63512

kishan0725 Hospital Management System/ v4 is vulnerable to SQL Injection in admin-panel1.php, specifically in the deleting doctor logic. The application fails to properly sanitize or parameterize user-supplied input from the demail parameter before incorporating it directly into a dynamic SQL query.

CVSS Score

6.5

EPSS Score

0.0

Published

2025-11-18

CVE-2023-41525

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-08-07

CVE-2023-41526

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-08-07

CVE-2023-41527

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-08-07

CVE-2023-41528

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-08-07

CVE-2023-41529

Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters.

CVSS Score

6.1

EPSS Score

0.001

Published

2025-08-07

CVE-2023-41530

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-08-07

CVE-2023-41531

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters.

CVSS Score

8.8

EPSS Score

0.001

Published

2025-08-07

Page 1

Vulnerabilities

Vulnerable Software

Kishan0725: Security Vulnerabilities

Products

Pricing

Contact Us