CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-22853
https://notcve.org/view.php?id=CVE-2022-22853
A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field. Una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en Hospital Patient Record Management System versión v1.0, permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada insertada en el campo Name • https://github.com/Dheeraj-Deshmukh/stored-xss-in-Hospital-s-Patient-Records-Management-System https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html https://www.sourcecodester.com/sites/default/files/download/oretnom23/hprms_0.zip • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-22854
https://notcve.org/view.php?id=CVE-2022-22854
An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list. Un problema de control de acceso en hprms/admin/?page=user/list de Hospital Patient Record Management System versión v1.0, permite a atacantes escalar privilegios por medio del acceso y la edición de la lista de usuarios • https://github.com/Dheeraj-Deshmukh/Hospital-s-patient-management-system • CWE-862: Missing Authorization •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2022-22852
https://notcve.org/view.php?id=CVE-2022-22852
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) almacenada en Sourcecodtester Hospital's Patient Records Management System 1.0, por medio del parámetro description en room_list • https://github.com/Sant268/CVE-2022-22852 https://github.com/Sant268/CVE-2022-22852/blob/main/CVE-2022-22852.md https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2022-22850
https://notcve.org/view.php?id=CVE-2022-22850
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) almacenada en Sourcecodtester Hospital's Patient Records Management System versión 1.0, por medio del parámetro description en room_types • https://github.com/Sant268/CVE-2022-22850 https://github.com/Sant268/CVE-2022-22850/blob/main/CVE-2022-22850.md https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-22851
https://notcve.org/view.php?id=CVE-2022-22851
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) almacenada en Sourcecodtester Hospital's Patient Records Management System versión 1.0, por medio del parámetro specialization en el archivo doctors.php • https://github.com/Sant268/CVE-2022-22851 https://github.com/Sant268/CVE-2022-22851/commit/17381378bdb7c9f7b3326af6fb79cf68ca9f9d3d https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •