CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10809 – code-projects E-Health Care System chat.php sql injection
https://notcve.org/view.php?id=CVE-2024-10809
A vulnerability was found in code-projects E-Health Care System 1.0 and classified as critical. This issue affects some unknown processing of the file /Doctor/chat.php. The manipulation of the argument name/message leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/Xueweian/cve/blob/main/sql18.md https://vuldb.com/?ctiid.283037 https://vuldb.com/?id.283037 https://vuldb.com/?submit.436759 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-707: Improper Neutralization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10808 – code-projects E-Health Care System req_detail.php sql injection
https://notcve.org/view.php?id=CVE-2024-10808
A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. This vulnerability affects unknown code of the file Admin/req_detail.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/koevas257/cve/blob/main/sql.md https://vuldb.com/?ctiid.283036 https://vuldb.com/?id.283036 https://vuldb.com/?submit.436566 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-707: Improper Neutralization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10741 – code-projects E-Health Care System registration.php sql injection
https://notcve.org/view.php?id=CVE-2024-10741
A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. This vulnerability affects unknown code of the file /Users/registration.php. The manipulation of the argument f_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/maxihongtatum/cve/blob/main/sql14.md https://vuldb.com/?ctiid.282910 https://vuldb.com/?id.282910 https://vuldb.com/?submit.436319 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10740 – code-projects E-Health Care System consulting_detail.php sql injection
https://notcve.org/view.php?id=CVE-2024-10740
A vulnerability, which was classified as critical, was found in code-projects E-Health Care System up to 1.0. This affects an unknown part of the file /Admin/consulting_detail.php. The manipulation of the argument consulting_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/1270512529/cve/blob/main/sql.md https://vuldb.com/?ctiid.282909 https://vuldb.com/?id.282909 https://vuldb.com/?submit.436311 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10739 – code-projects E-Health Care System adminlogin.php sql injection
https://notcve.org/view.php?id=CVE-2024-10739
A vulnerability, which was classified as critical, has been found in code-projects E-Health Care System 1.0. Affected by this issue is some unknown functionality of the file /Admin/adminlogin.php. The manipulation of the argument email/admin_pswd as part of String leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/UnrealdDei/cve/blob/main/sql11.md https://vuldb.com/?ctiid.282908 https://vuldb.com/?id.282908 https://vuldb.com/?submit.436014 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •