Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
doctor appointment system project doctor appointment system 1.0 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-27317
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote malicious users to inject arbitrary web script or HTML via the comment parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
7.5
CVSSv3
CVE-2021-27320
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via firstname parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
6.5
CVSSv3
CVE-2021-27124
SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack.
Doctor Appointment System Project Doctor Appointment System 1.0
9.8
CVSSv3
CVE-2021-27314
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via username parameter at login page.
Doctor Appointment System Project Doctor Appointment System 1.0
6.1
CVSSv3
CVE-2021-27318
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote malicious users to inject arbitrary web script or HTML via the lastname parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
9.8
CVSSv3
CVE-2023-40945
Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php.
Doctor Appointment System Project Doctor Appointment System 1.0
9.8
CVSSv3
CVE-2023-39852
Doctormms v1.0 exists to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php. NOTE: this is disputed by a third party who claims that the userid is a session variable controlled by the server, and thus cannot be used for exploitation. The original ...
Doctor Appointment System Project Doctor Appointment System 1.0
7.5
CVSSv3
CVE-2021-27315
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via the comment parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
7.5
CVSSv3
CVE-2021-27316
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via lastname parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
7.5
CVSSv3
CVE-2021-27319
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via email parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »