Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpgurukul hospital management system 4.0 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-25271
PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/patient-search.php, doctor/search.php, book-appointment.php, doctor/appointment-history.php, or admin/appointment-history.php.
Phpgurukul Hospital Management System 4.0
1 Github repository
NA
CVE-2023-31498
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote malicious user to execute arbitrary code and access sensitive information via the session token parameter.
Phpgurukul Hospital Management System 4.0
696
VMScore
CVE-2022-24646
Hospital Management System v4.0 exists to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters.
Phpgurukul Hospital Management System 4.0
578
VMScore
CVE-2020-35745
PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows malicious users to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs.
Phpgurukul Hospital Management System 4.0
383
VMScore
CVE-2020-5193
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter.
Phpgurukul Hospital Management System 4.0
NA
CVE-2020-26627
A Time-Based SQL Injection vulnerability exists in Hospital Management System V4.0 which can allow an malicious user to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries -> Unread Query' ...
Phpgurukul Hospital Management System 4.0
NA
CVE-2020-26628
A Cross-Site Scripting (XSS) vulnerability exists in Hospital Management System V4.0 which allows an malicious user to execute arbitrary web scripts or HTML code via a malicious payload appended to a username on the 'Edit Profile" page and triggered by another user visi...
Phpgurukul Hospital Management System 4.0
NA
CVE-2020-26629
A JQuery Unrestricted Arbitrary File Upload vulnerability exists in Hospital Management System V4.0 which allows an unauthenticated malicious user to upload any file to the server.
Phpgurukul Hospital Management System 4.0
NA
CVE-2020-26630
A Time-Based SQL Injection vulnerability exists in Hospital Management System V4.0 which can allow an malicious user to dump database information via a special payload in the 'Doctor Specialization' field under the 'Go to Doctors' tab after logging in as an ad...
Phpgurukul Hospital Management System 4.0
445
VMScore
CVE-2020-22169
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
Phpgurukul Hospital Management System 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »