Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
soham bakore vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-27321
Doctor Appointment System version 1.0 suffers from multiple cross site scripting vulnerabilities. These are additional findings with original discovery of cross site scripting in this version being attributed to Soham Bakore in February of 2021.
NA
CVE-2021-27322
Doctor Appointment System version 1.0 suffers from multiple cross site scripting vulnerabilities. These are additional findings with original discovery of cross site scripting in this version being attributed to Soham Bakore in February of 2021.
9.8
CVSSv3
CVE-2022-36201
Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php.
Doctor\\'s Appointment System Project Doctor\\'s Appointment System 1.0
1 Github repository
6.1
CVSSv3
CVE-2022-36203
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.
Doctor\\'s Appointment System Project Doctor\\'s Appointment System 1.0
1 Github repository
7.5
CVSSv3
CVE-2021-27316
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via lastname parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
6.1
CVSSv3
CVE-2021-27317
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote malicious users to inject arbitrary web script or HTML via the comment parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
6.1
CVSSv3
CVE-2021-27318
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote malicious users to inject arbitrary web script or HTML via the lastname parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
9.8
CVSSv3
CVE-2021-27314
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via username parameter at login page.
Doctor Appointment System Project Doctor Appointment System 1.0
7.5
CVSSv3
CVE-2021-27315
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via the comment parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
6.1
CVSSv3
CVE-2020-22840
Open redirect vulnerability in b2evolution CMS version before 6.11.6 allows an malicious user to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php.
B2evolution B2evolution
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »