Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpgurukul hospital management system 4.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-26629
A JQuery Unrestricted Arbitrary File Upload vulnerability exists in Hospital Management System V4.0 which allows an unauthenticated malicious user to upload any file to the server.
Phpgurukul Hospital Management System 4.0
9.8
CVSSv3
CVE-2023-31498
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote malicious user to execute arbitrary code and access sensitive information via the session token parameter.
Phpgurukul Hospital Management System 4.0
9.8
CVSSv3
CVE-2022-24263
Hospital Management System v4.0 exists to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
Phpgurukul Hospital Management System 4.0
8.8
CVSSv3
CVE-2021-35387
Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php.
Phpgurukul Hospital Management System 4.0
8.8
CVSSv3
CVE-2020-35745
PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows malicious users to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs.
Phpgurukul Hospital Management System 4.0
8.8
CVSSv3
CVE-2020-5192
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.
Phpgurukul Hospital Management System 4.0
7.5
CVSSv3
CVE-2022-24226
Hospital Management System v4.0 exists to contain a blind SQL injection vulnerability via the register function in func2.php.
Phpgurukul Hospital Management System 4.0
7.5
CVSSv3
CVE-2022-24646
Hospital Management System v4.0 exists to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters.
Phpgurukul Hospital Management System 4.0
7.5
CVSSv3
CVE-2020-22164
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Phpgurukul Hospital Management System 4.0
7.5
CVSSv3
CVE-2020-22165
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Phpgurukul Hospital Management System 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »