CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8944 – code-projects Hospital Management System check_availability.php sql injection
https://notcve.org/view.php?id=CVE-2024-8944
A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. This affects an unknown part of the file check_availability.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.277761 https://vuldb.com/?ctiid.277761 https://vuldb.com/?submit.408871 https://github.com/65241/cve/issues/1 https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8569 – code-projects Hospital Management System user-login.php sql injection
https://notcve.org/view.php?id=CVE-2024-8569
A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file user-login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/teachersongsec/cve/issues/1 https://vuldb.com/?ctiid.276799 https://vuldb.com/?id.276799 https://vuldb.com/?submit.403125 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8368 – code-projects Hospital Management System Login index.php sql injection
https://notcve.org/view.php?id=CVE-2024-8368
A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. • https://code-projects.org https://github.com/qingluan-bot/cve/issues/1 https://vuldb.com/?ctiid.276272 https://vuldb.com/?id.276272 https://vuldb.com/?submit.400787 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-37803
https://notcve.org/view.php?id=CVE-2024-37803
Multiple stored cross-site scripting (XSS) vulnerabilities in CodeProjects Health Care hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname and lname parameters under the Staff Info page. Múltiples vulnerabilidades de cross-site scripting (XSS) almacenado en CodeProjects Health Care hospital Management System v1.0 permiten a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en los parámetros fname y lname en la página de información del personal. • https://code-projects.org/health-care-hospital-in-php-css-js-and-mysql-free-download https://github.com/himanshubindra/CVEs/blob/main/CVE-2024-37803 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-38348
https://notcve.org/view.php?id=CVE-2024-38348
CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Staff Info module via the searvalu parameter. Se descubrió que CodeProjects Health Care hospital Management System v1.0 contenía una vulnerabilidad de inyección SQL en el módulo de información del personal a través del parámetro servalu. • https://code-projects.org/health-care-hospital-in-php-css-js-and-mysql-free-download https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38348 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •