CVE-2022-46093
https://notcve.org/view.php?id=CVE-2022-46093
Hospital Management System v1.0 is vulnerable to SQL Injection. Attackers can gain administrator privileges without the need for a password. • https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/Hospital-Management-System/Hospital-Management-System.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2021-35388
https://notcve.org/view.php?id=CVE-2021-35388
Hospital Management System v 4.0 is vulnerable to Cross Site Scripting (XSS) via /hospital/hms/admin/patient-search.php. Hospital Management System v 4.0 es vulnerable a Cross Site Scripting (XSS) a través de /hospital/hms/admin/patient-search.php. • https://github.com/BigTiger2020/Hospital-Management-System/blob/main/xss.md https://phpgurukul.com/hospital-management-system-in-php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-35387
https://notcve.org/view.php?id=CVE-2021-35387
Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php. Hospital Management System v 4.0 es vulnerable a la inyección SQL a través del archivo: hospital/hms/admin/view-patient.php. • https://github.com/BigTiger2020/Hospital-Management-System/blob/main/Hospital%20Management%20System.md https://phpgurukul.com/hospital-management-system-in-php • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-42206
https://notcve.org/view.php?id=CVE-2022-42206
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via doctor/view-patient.php, admin/view-patient.php, and view-medhistory.php. PHPGurukul Hospital Management System In PHP versión V4.0, es vulnerable a un ataque de tipo Cross Site Scripting (XSS) por medio de los archivos doctor/view-patient.php, admin/view-patient.php, y view-medhistory.php • https://sisl.lab.uic.edu/projects/chess/cross-site-scripting-in-hms3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-42205
https://notcve.org/view.php?id=CVE-2022-42205
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via add-patient.php. PHPGurukul Hospital Management System In PHP versión V4.0, es vulnerable a un ataque de tipo Cross Site Scripting (XSS) por medio del archivo add-patient.php • https://sisl.lab.uic.edu/projects/chess/cross-site-scripting-in-hms2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •