Phpgurukul Hospital_management_system
62 CVEs affecting Phpgurukul Hospital_management_system. Latest disclosed: 2026-02-18. Critical: 6, High: 24.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-56214 | Critical | 9.8 | 2025-08-25 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter. |
CVE-2025-56212 | Critical | 9.8 | 2025-08-25 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter. |
CVE-2024-51360 | Critical | 9.8 | 2025-05-23 | An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file |
CVE-2020-26629 | Critical | 9.8 | 2024-01-10 | A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload… |
CVE-2023-31498 | Critical | 9.8 | 2023-05-11 | A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensiti… |
CVE-2022-24263 | Critical | 9.8 | 2022-01-31 | Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. |
CVE-2025-70064 | High | 8.8 | 2026-02-18 | PHPGurukul Hospital Management System v4.0 contains a Privilege Escalation vulnerability. A low-privileged user (Patient) can directly access the Administrator… |
CVE-2022-46499 | High | 8.8 | 2024-03-07 | Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_admin_view_single_patient.php. |
CVE-2021-35387 | High | 8.8 | 2022-10-28 | Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php. |
CVE-2020-35745 | High | 8.8 | 2021-01-07 | PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, docto… |
CVE-2020-5192 | High | 8.8 | 2020-01-06 | PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user in… |
CVE-2025-56216 | High | 8.5 | 2025-08-25 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter. |
CVE-2022-46497 | High | 8.1 | 2024-03-07 | Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_doc_view_single_patien.php. |
CVE-2022-24226 | High | 7.5 | 2022-02-15 | Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. |
CVE-2022-24646 | High | 7.5 | 2022-02-10 | Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parame… |
CVE-2020-22176 | High | 7.5 | 2021-06-22 | PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can expl… |
CVE-2020-22175 | High | 7.5 | 2021-06-22 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users… |
CVE-2020-22174 | High | 7.5 | 2021-06-22 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the… |
CVE-2020-22173 | High | 7.5 | 2021-06-22 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vuln… |
CVE-2020-22172 | High | 7.5 | 2021-06-22 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulner… |