CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10989 – code-projects E-Health Care System detail.php sql injection
https://notcve.org/view.php?id=CVE-2024-10989
A vulnerability classified as critical has been found in code-projects E-Health Care System 1.0. This affects an unknown part of the file /Admin/detail.php. The manipulation of the argument s_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/miaoyum/cve/blob/main/sql21.md https://vuldb.com/?ctiid.283455 https://vuldb.com/?id.283455 https://vuldb.com/?submit.438421 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10988 – code-projects E-Health Care System doctor_login.php sql injection
https://notcve.org/view.php?id=CVE-2024-10988
A vulnerability was found in code-projects E-Health Care System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Doctor/doctor_login.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. • https://code-projects.org https://github.com/20241018/cve/blob/main/sql.md https://vuldb.com/?ctiid.283454 https://vuldb.com/?id.283454 https://vuldb.com/?submit.438286 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10987 – code-projects E-Health Care System user_appointment.php sql injection
https://notcve.org/view.php?id=CVE-2024-10987
A vulnerability was found in code-projects E-Health Care System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Doctor/user_appointment.php. The manipulation of the argument schedule_id/schedule_date/schedule_day/start_time/end_time/booking leads to sql injection. The attack can be launched remotely. • https://code-projects.org https://github.com/qqqbalabala/cve/blob/main/sql20.md https://vuldb.com/?ctiid.283453 https://vuldb.com/?id.283453 https://vuldb.com/?submit.437351 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10967 – code-projects E-Health Care System delete_user_appointment_request.php sql injection
https://notcve.org/view.php?id=CVE-2024-10967
A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file /Doctor/delete_user_appointment_request.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. • https://code-projects.org https://github.com/1104533685/cve/blob/main/sql.md https://vuldb.com/?ctiid.283416 https://vuldb.com/?id.283416 https://vuldb.com/?submit.437312 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10810 – code-projects E-Health Care System app_request.php sql injection
https://notcve.org/view.php?id=CVE-2024-10810
A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file Doctor/app_request.php. The manipulation of the argument app_id leads to sql injection. It is possible to launch the attack remotely. • https://code-projects.org https://github.com/wsy149433/cve/blob/main/sql19.md https://vuldb.com/?ctiid.283038 https://vuldb.com/?id.283038 https://vuldb.com/?submit.437018 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-707: Improper Neutralization •