Hospital_management_system_project Hospital_management_system
43 CVEs affecting Hospital_management_system_project Hospital_management_system. Latest disclosed: 2024-11-26. Critical: 22, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-48120 | Critical | 9.8 | 2023-01-20 | SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd (on March 13, 2021), allows attackers… |
CVE-2022-38637 | Critical | 9.8 | 2022-09-13 | Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page. |
CVE-2022-32095 | Critical | 9.8 | 2022-07-01 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php. |
CVE-2022-32094 | Critical | 9.8 | 2022-07-01 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php. |
CVE-2022-32093 | Critical | 9.8 | 2022-07-01 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php. |
CVE-2021-44095 | Critical | 9.8 | 2022-06-02 | A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Applicati… |
CVE-2022-30516 | Critical | 9.8 | 2022-05-26 | In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks. |
CVE-2022-30011 | Critical | 9.8 | 2022-05-16 | In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability. |
CVE-2022-28929 | Critical | 9.8 | 2022-05-15 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php. |
CVE-2022-30449 | Critical | 9.8 | 2022-05-11 | Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php. |
CVE-2022-30448 | Critical | 9.8 | 2022-05-11 | Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php. |
CVE-2022-27420 | Critical | 9.8 | 2022-05-04 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php. |
CVE-2022-27413 | Critical | 9.8 | 2022-05-03 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php. |
CVE-2022-27299 | Critical | 9.8 | 2022-04-26 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php. |
CVE-2022-24136 | Critical | 9.8 | 2022-03-31 | Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can u… |
CVE-2022-25492 | Critical | 9.8 | 2022-03-15 | HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php. |
CVE-2022-25490 | Critical | 9.8 | 2022-03-15 | HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php. |
CVE-2022-25403 | Critical | 9.8 | 2022-02-24 | HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php. |
CVE-2021-38754 | Critical | 9.8 | 2021-08-16 | SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php. |
CVE-2023-43909 | Critical | 9.1 | 2023-09-29 | Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. |