5 results (0.007 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Multiple stored cross-site scripting (XSS) vulnerabilities in CodeProjects Health Care hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname and lname parameters under the Staff Info page. Múltiples vulnerabilidades de cross-site scripting (XSS) almacenado en CodeProjects Health Care hospital Management System v1.0 permiten a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en los parámetros fname y lname en la página de información del personal. • https://code-projects.org/health-care-hospital-in-php-css-js-and-mysql-free-download https://github.com/himanshubindra/CVEs/blob/main/CVE-2024-37803 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Staff Info module via the searvalu parameter. Se descubrió que CodeProjects Health Care hospital Management System v1.0 contenía una vulnerabilidad de inyección SQL en el módulo de información del personal a través del parámetro servalu. • https://code-projects.org/health-care-hospital-in-php-css-js-and-mysql-free-download https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38348 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter. Se descubrió que CodeProjects Health Care hospital Management System v1.0 contenía una vulnerabilidad de inyección SQL en el módulo de información de la habitación a través del parámetro id. • https://code-projects.org/health-care-hospital-in-php-css-js-and-mysql-free-download https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38347 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 1

CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Patient Info module via the searvalu parameter. Se descubrió que CodeProjects Health Care hospital Management System v1.0 contenía una vulnerabilidad de inyección SQL en el módulo de información del paciente a través del parámetro servalu. • https://code-projects.org/health-care-hospital-in-php-css-js-and-mysql-free-download https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-37802 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CodeProjects Restaurant Reservation System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Date parameter at index.php. Se descubrió que CodeProjects Restaurant Reservation System v1.0 contiene una vulnerabilidad de cross-site scripting (XSS) reflejado a través del parámetro Fecha en index.php. • https://code-projects.org/restaurant-reservation-system-in-php-with-source-code https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-37800 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •