Hospital_management_system_project Hospital_management_system

43 CVEs affecting Hospital_management_system_project Hospital_management_system. Latest disclosed: 2024-11-26. Critical: 22, High: 4.

Top CVEs affecting Hospital_management_system_project Hospital_management_system
CVESeverityScorePublishedSummary
CVE-2022-48120Critical9.82023-01-20SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd (on March 13, 2021), allows attackers…
CVE-2022-38637Critical9.82022-09-13Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page.
CVE-2022-32095Critical9.82022-07-01Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php.
CVE-2022-32094Critical9.82022-07-01Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php.
CVE-2022-32093Critical9.82022-07-01Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php.
CVE-2021-44095Critical9.82022-06-02A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Applicati…
CVE-2022-30516Critical9.82022-05-26In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks.
CVE-2022-30011Critical9.82022-05-16In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability.
CVE-2022-28929Critical9.82022-05-15Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php.
CVE-2022-30449Critical9.82022-05-11Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php.
CVE-2022-30448Critical9.82022-05-11Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php.
CVE-2022-27420Critical9.82022-05-04Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
CVE-2022-27413Critical9.82022-05-03Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php.
CVE-2022-27299Critical9.82022-04-26Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php.
CVE-2022-24136Critical9.82022-03-31Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can u…
CVE-2022-25492Critical9.82022-03-15HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.
CVE-2022-25490Critical9.82022-03-15HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.
CVE-2022-25403Critical9.82022-02-24HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php.
CVE-2021-38754Critical9.82021-08-16SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php.
CVE-2023-43909Critical9.12023-09-29Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.