Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Doctor\'s_appointment_system
(Doctor\'s_appointment_system_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-31 | CVE-2022-36201 | Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php. | Doctor\'s_appointment_system | 9.8 | ||
| 2022-08-31 | CVE-2022-36202 | Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter. | Doctor\'s_appointment_system | 9.8 | ||
| 2022-08-31 | CVE-2022-36203 | Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS. | Doctor\'s_appointment_system | 6.1 |