3 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ajax/get_patient_history.php. The manipulation of the argument patient_id leads to sql injection. The attack may be initiated remotely. • https://github.com/Xu-Mingming/cve/blob/main/sql4.md https://vuldb.com/?ctiid.272123 https://vuldb.com/?id.272123 https://vuldb.com/?submit.378108 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /print_patients_visits.php. The manipulation of the argument from/to leads to sql injection. The attack can be initiated remotely. • https://github.com/Xu-Mingming/cve/blob/main/sql3.md https://vuldb.com/?ctiid.272122 https://vuldb.com/?id.272122 https://vuldb.com/?submit.378107 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to sql injection. It is possible to launch the attack remotely. • https://github.com/E1CHO/cve_hub/blob/main/clinics%20patient%20management%20system/clinics-patient-management-system%20vlun2.pdf https://vuldb.com/?ctiid.221784 https://vuldb.com/?id.221784 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •