Kishan0725 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Kategori: Kishan0725 - CVE listesi
VENDOR 13 kayıt
Medium CVSS: 6.1

CVE-2025-63514

kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email parameter.
Medium CVSS: 6.5

CVE-2025-63513

kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment cancellation functionality.
Medium CVSS: 6.5

CVE-2025-63512

kishan0725 Hospital Management System/ v4 is vulnerable to SQL Injection in admin-panel1.php, specifically in the deleting doctor logic. The application fails to properly sanitize or parameterize user-supplied input from the demail paramete…
High CVSS: 8.8

CVE-2023-41532

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the doctor_contact parameter in doctorsearch.php.
High CVSS: 8.8

CVE-2023-41531

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters.
Critical CVSS: 9.8

CVE-2023-41530

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.
Medium CVSS: 6.1

CVE-2023-41529

Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters.
Critical CVSS: 9.8

CVE-2023-41528

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
Critical CVSS: 9.8

CVE-2023-41527

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php.
Critical CVSS: 9.8

CVE-2023-41526

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.
Critical CVSS: 9.8

CVE-2023-41525

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
Medium CVSS: 6.5

CVE-2023-40992

Hospital Management System 4 is vulnerable to a SQL injection in /Hospital-Management-System-master/func.php via the password2 parameter.
Critical CVSS: 9.8

CVE-2023-43958

An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php of Hospital Management System v4.0 allows an unauthenticated attacker to upload any file to the server and execute arbitrary code.