Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpgurukul hospital management system 4.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-22173
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Phpgurukul Hospital Management System 4.0
5
CVSSv2
CVE-2020-22174
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Phpgurukul Hospital Management System 4.0
5
CVSSv2
CVE-2020-22175
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Phpgurukul Hospital Management System 4.0
5
CVSSv2
CVE-2020-22164
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Phpgurukul Hospital Management System 4.0
3.5
CVSSv2
CVE-2020-22167
PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data.
Phpgurukul Hospital Management System 4.0
5
CVSSv2
CVE-2020-22176
PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sensitive information.
Phpgurukul Hospital Management System 4.0
6.5
CVSSv2
CVE-2020-35745
PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows malicious users to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs.
Phpgurukul Hospital Management System 4.0
3.5
CVSSv2
CVE-2020-25271
PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/patient-search.php, doctor/search.php, book-appointment.php, doctor/appointment-history.php, or admin/appointment-history.php.
Phpgurukul Hospital Management System 4.0
1 Github repository
4.3
CVSSv2
CVE-2020-5193
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter.
Phpgurukul Hospital Management System 4.0
4.3
CVSSv2
CVE-2020-5191
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities.
Phpgurukul Hospital Management System 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »