CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8565 – SourceCodesters Clinics Patient Management System print_diseases.php sql injection
https://notcve.org/view.php?id=CVE-2024-8565
A vulnerability was found in SourceCodesters Clinics Patient Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /print_diseases.php. The manipulation of the argument disease/from/to leads to sql injection. The attack may be initiated remotely. • https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Clinic's-Patient-Management-System-SQLi.md https://vuldb.com/?ctiid.276785 https://vuldb.com/?id.276785 https://vuldb.com/?submit.402425 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8555 – SourceCodester Clinics Patient Management System congratulations.php redirect
https://notcve.org/view.php?id=CVE-2024-8555
A vulnerability was found in SourceCodester Clinics Patient Management System 2.0. It has been classified as problematic. Affected is an unknown function of the file congratulations.php. The manipulation of the argument goto_page leads to open redirect. It is possible to launch the attack remotely. • https://vuldb.com/?id.276774 https://vuldb.com/?ctiid.276774 https://vuldb.com/?submit.402386 https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Clinic's-Patient-Management-System-Open-Redirect.md https://www.sourcecodester.com • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8554 – SourceCodester Clinics Patient Management System users.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-8554
A vulnerability was found in SourceCodester Clinics Patient Management System 2.0 and classified as problematic. This issue affects some unknown processing of the file /users.php. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Clinic's-Patient-Management-System-Reflected-XSS.md https://vuldb.com/?ctiid.276773 https://vuldb.com/?id.276773 https://vuldb.com/?submit.402384 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •