CVE-2025-29410

Medium CVSS: 6.1

A cross-site scripting (XSS) vulnerability in the component /contact.php of Hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the txtEmail parameter.

Vendor

Kishanlal

Product

Hospital Management System

CWE

CWE-79

Yayın Tarihi

2025-03-20 14:15:24

Güncelleme

2025-04-01 20:19:45

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Hospital Management System MEDIUM Kishanlal 2025

Referanslar

https://github.com/kishan0725/Hospital-Management-System/issues/49 https://www.simonjuguna.com/cve-2025-29410-hospital-management-system-xss-vulnerability/ https://github.com/kishan0725/Hospital-Management-System/issues/49

Benzer Kayıtlar

Medium

CVE-2025-70062

PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the 'Add Doctor…

Medium

CVE-2025-70063

The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference…

High

CVE-2025-70064

PHPGurukul Hospital Management System v4.0 contains a Privilege Escalation vulnerability. A low-privileged user (Patient…

Medium

CVE-2026-2179

A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the fil…

Medium

CVE-2026-2134

A security vulnerability has been detected in PHPGurukul Hospital Management System 4.0. The affected element is an unkn…

Medium

CVE-2026-1550

A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown…