Search
Search Results (8 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-46499 | 2 Codeastro, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2025-03-28 | 8.8 High |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_admin_view_single_patient.php. | ||||
| CVE-2022-46498 | 2 Codeastro, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2025-03-28 | 2.7 Low |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the doc_number parameter at his_admin_view_single_employee.php. | ||||
| CVE-2022-46497 | 2 Codeastro, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2025-03-28 | 8.1 High |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_doc_view_single_patien.php. | ||||
| CVE-2024-11678 | 2 Codeastro, Hospital Management System Project | 2 Hospital Management System, Hospital Management System | 2024-12-04 | 3.5 Low |
| A vulnerability was found in CodeAstro Hospital Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /backend/doc/his_doc_register_patient.php. The manipulation of the argument pat_fname/pat_ailment/pat_lname/pat_age/pat_dob/pat_number/pat_phone/pat_type/pat_addr leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11677 | 2 Codeastro, Hospital Management System Project | 2 Hospital Management System, Hospital Management System | 2024-12-04 | 3.5 Low |
| A vulnerability was found in CodeAstro Hospital Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /backend/admin/his_admin_add_vendor.php of the component Add Vendor Details Page. The manipulation of the argument v_name/v_adr/v_number/v_email/v_phone/v_desc leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11676 | 2 Codeastro, Hospital Management System Project | 2 Hospital Management System, Hospital Management System | 2024-12-04 | 3.5 Low |
| A vulnerability was found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /backend/admin/his_admin_add_lab_equipment.php of the component Add Laboratory Equipment Page. The manipulation of the argument eqp_code/eqp_name/eqp_vendor/eqp_desc/eqp_dept/eqp_status/eqp_qty leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11675 | 2 Codeastro, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2024-12-04 | 3.5 Low |
| A vulnerability has been found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /backend/admin/his_admin_register_patient.php of the component Add Patient Details Page. The manipulation of the argument pat_fname/pat_ailment/pat_lname/pat_age/pat_dob/pat_number/pat_phone/pat_type/pat_addr leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11674 | 2 Codeastro, Hospital Management System Project | 2 Hospital Management System, Hospital Management System | 2024-12-04 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management System 1.0. Affected is an unknown function of the file /backend/doc/his_doc_update-account.php. The manipulation of the argument doc_dpic leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
Page 1 of 1.