Product:

Hospital_management_system

(Hospital_management_system_project)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 43
Date Id Summary Products Score Patch Annotated
2024-11-26 CVE-2024-11678 A vulnerability was found in CodeAstro Hospital Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /backend/doc/his_doc_register_patient.php. The manipulation of the argument pat_fname/pat_ailment/pat_lname/pat_age/pat_dob/pat_number/pat_phone/pat_type/pat_addr leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Hospital_management_system 5.4
2021-08-16 CVE-2021-38754 SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php. Hospital_management_system 9.8
2021-08-16 CVE-2021-38755 Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. Hospital_management_system 5.3
2021-08-16 CVE-2021-38756 Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through prescribe.php. Hospital_management_system 6.1
2021-08-16 CVE-2021-38757 Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php. Hospital_management_system 6.1
2022-02-24 CVE-2022-25402 An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files. Hospital_management_system 9.1
2022-02-24 CVE-2022-25403 HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php. Hospital_management_system 9.8
2022-02-28 CVE-2022-25407 Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php. Hospital_management_system 5.4
2022-02-28 CVE-2022-25408 Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php. Hospital_management_system 5.4
2022-02-28 CVE-2022-25409 Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php. Hospital_management_system 5.4