CVE-2024-6969 – SourceCodester Clinics Patient Management System get_patient_history.php SQL injection
https://notcve.org/view.php?id=CVE-2024-6969
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ajax/get_patient_history.php. The manipulation of the argument patient_id leads to SQL injection. The attack may be initiated remotely.
• https://github.com/Xu-Mingming/cve/blob/main/sql4.md
• https://vuldb.com/?ctiid.272123
• https://vuldb.com/?id.272123
• https://vuldb.com/?submit.378108
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-6968 – SourceCodester Clinics Patient Management System print_patients_visits.php SQL injection
https://notcve.org/view.php?id=CVE-2024-6968
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /print_patients_visits.php. The manipulation of the argument from/to leads to SQL injection. The attack can be initiated remotely.
• https://github.com/Xu-Mingming/cve/blob/main/sql3.md
• https://vuldb.com/?ctiid.272122
• https://vuldb.com/?id.272122
• https://vuldb.com/?submit.378107
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-1035 – SourceCodester Clinics Patient Management System update_user.php SQL injection
https://notcve.org/view.php?id=CVE-2023-1035
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to SQL injection. It is possible to launch the attack remotely.
• https://github.com/E1CHO/cve_hub/blob/main/clinics%20patient%20management%20system/clinics-patient-management-system%20vlun2.pdf
• https://vuldb.com/?ctiid.221784
• https://vuldb.com/?id.221784
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')