Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
doctor appointment system project doctor appointment system 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40945
Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php.
Doctor Appointment System Project Doctor Appointment System 1.0
NA
CVE-2023-39852
Doctormms v1.0 exists to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php. NOTE: this is disputed by a third party who claims that the userid is a session variable controlled by the server, and thus cannot be used for exploitation. The original ...
Doctor Appointment System Project Doctor Appointment System 1.0
356
VMScore
CVE-2021-27124
SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack.
Doctor Appointment System Project Doctor Appointment System 1.0
445
VMScore
CVE-2021-27320
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via firstname parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
668
VMScore
CVE-2021-27314
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via username parameter at login page.
Doctor Appointment System Project Doctor Appointment System 1.0
445
VMScore
CVE-2021-27315
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via the comment parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
445
VMScore
CVE-2021-27316
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via lastname parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
383
VMScore
CVE-2021-27317
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote malicious users to inject arbitrary web script or HTML via the comment parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
445
VMScore
CVE-2021-27319
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated malicious user to insert malicious SQL queries via email parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
383
VMScore
CVE-2021-27318
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote malicious users to inject arbitrary web script or HTML via the lastname parameter.
Doctor Appointment System Project Doctor Appointment System 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »