CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2022-22852
https://notcve.org/view.php?id=CVE-2022-22852
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) almacenada en Sourcecodtester Hospital's Patient Records Management System 1.0, por medio del parámetro description en room_list • https://github.com/Sant268/CVE-2022-22852 https://github.com/Sant268/CVE-2022-22852/blob/main/CVE-2022-22852.md https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2022-22850
https://notcve.org/view.php?id=CVE-2022-22850
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) almacenada en Sourcecodtester Hospital's Patient Records Management System versión 1.0, por medio del parámetro description en room_types • https://github.com/Sant268/CVE-2022-22850 https://github.com/Sant268/CVE-2022-22850/blob/main/CVE-2022-22850.md https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-22851
https://notcve.org/view.php?id=CVE-2022-22851
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) almacenada en Sourcecodtester Hospital's Patient Records Management System versión 1.0, por medio del parámetro specialization en el archivo doctors.php • https://github.com/Sant268/CVE-2022-22851 https://github.com/Sant268/CVE-2022-22851/commit/17381378bdb7c9f7b3326af6fb79cf68ca9f9d3d https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-22296
https://notcve.org/view.php?id=CVE-2022-22296
Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed. Sourcecodester Hospital's Patient Records Management System versión 1.0, es vulnerable a Permisos Inseguros por medio del parámetro id en el endpoint manage_user. Basta con cambiar el valor y pueden mostrarse los datos de otros usuarios • https://github.com/vlakhani28/CVE-2022-22296 https://github.com/vlakhani28/CVE-2022-22296/blob/main/README.md • CWE-276: Incorrect Default Permissions •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2021-38757 – Hospital Management System Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-38757
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php. Una vulnerabilidad de tipo Cross-site scripting (XSS) Persistente en Hospital Management System, dirigido al administrador de la web mediante el archivo contact.php. Hospital Management System created by kishan0725 suffers from a persistent cross site scripting vulnerability. • http://packetstormsecurity.com/files/163869/Hospital-Management-System-Cross-Site-Scripting.html https://github.com/kishan0725/Hospital-Management-System/issues/6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •