Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hospital_management_system
(Hospital_management_system_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 43 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-05-03 | CVE-2022-27413 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php. | Hospital_management_system | 9.8 | ||
| 2022-05-04 | CVE-2022-27420 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php. | Hospital_management_system | 9.8 | ||
| 2022-05-11 | CVE-2022-30448 | Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php. | Hospital_management_system | 9.8 | ||
| 2022-05-11 | CVE-2022-30449 | Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php. | Hospital_management_system | 9.8 | ||
| 2022-05-15 | CVE-2022-28929 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php. | Hospital_management_system | 9.8 | ||
| 2022-05-16 | CVE-2022-30011 | In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability. | Hospital_management_system | 9.8 | ||
| 2022-05-16 | CVE-2022-30012 | In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection. | Hospital_management_system | 7.5 | ||
| 2022-05-26 | CVE-2022-30516 | In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks. | Hospital_management_system | 9.8 | ||
| 2022-06-02 | CVE-2021-44095 | A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database. | Hospital_management_system | 9.8 | ||
| 2022-07-01 | CVE-2022-32093 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php. | Hospital_management_system | 9.8 |