4 results (0.014 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=. phpgurukul Doctor Appointment Management System V 1.0.0 es vulnerable a Cross Site Scripting (XSS) a través de searchdata=. • https://github.com/Rajeshwar40/CVE/blob/main/2022-46128 https://phpgurukul.com/projects/Doctor-Appointment-System_PHP.zip • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function. Una vulnerabilidad de cross site scripting (XSS) en Doctor Appointment Management System v1.0.0 permite a los atacantes ejecutar scripts web arbitrarios o HTML a través de un payload manipulado inyectado en la función de búsqueda. • https://github.com/Rajeshwar40/CVE/blob/main/CVE-2022-45730 https://phpgurukul.com/doctor-appointment-management-system-using-php-and-mysql • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Doctor Appointment Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. Se descubrió que Doctor Appointment Management System v1.0.0 contenía una vulnerabilidad de cross-site scripting (XSS). • https://github.com/sudoninja-noob/CVE-2022-45728 https://github.com/sudoninja-noob/CVE-2022-45728/blob/main/CVE-2022-45728 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter. Una vulnerabilidad de cross-site scripting (XSS) en Doctor Appointment Management System v1.0.0 permite a los atacantes ejecutar scripts web o HTML de su elección a través de un payload inyectado en el parámetro ID del empleado. • https://github.com/sudoninja-noob/CVE-2022-45729 https://github.com/sudoninja-noob/CVE-2022-45729/blob/main/CVE-2022-45729 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •