CVE-2025-63513

Medium CVSS: 6.5

kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment cancellation functionality.

Vendor

Product

CWE

Yayın Tarihi

2025-11-18 17:16:10

Güncelleme

2025-11-20 21:57:49

Source Identifier

cve@mitre.org

KEV Date Added

CWE-639 Hospital Management System MEDIUM Kishan0725 2025

https://github.com/NicatAliyevh/Zero-Days/blob/main/Hospital_Management_System_IDOR.md https://github.com/kishan0725/Hospital-Management-System/issues/55 https://github.com/kishan0725/Hospital-Management-System/issues/55

Medium

CVE-2025-63514

kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email para…

Medium

CVE-2025-63512

kishan0725 Hospital Management System/ v4 is vulnerable to SQL Injection in admin-panel1.php, specifically in the deleti…

Critical

CVE-2023-41525

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter…

Critical

CVE-2023-41526

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the user…

Critical

CVE-2023-41527

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in fun…

Critical

CVE-2023-41528

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the tx…