Hospital Management System Mini-Project
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-4739 | 0.00 | — | 0.00 | May 16, 2025 | A vulnerability was found in projectworlds Hospital Database Management System 1.0. It has been classified as critical. This affects an unknown part of the file /medicines_info.php. The manipulation of the argument Med_ID leads to sql injection. It is possible to initiate the… | |||
| CVE-2023-5053 | 0.00 | — | 0.01 | Sep 28, 2023 | Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI. | |||
| CVE-2023-5004 | 0.00 | — | 0.01 | Sep 28, 2023 | Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI. | |||
| CVE-2022-33880 | 0.00 | — | 0.01 | Sep 29, 2022 | hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter. | |||
| CVE-2021-43631 | 0.00 | — | 0.01 | Dec 22, 2021 | Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php. | |||
| CVE-2021-43630 | 0.00 | — | 0.02 | Dec 22, 2021 | Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on… | |||
| CVE-2021-43629 | 0.00 | — | 0.01 | Dec 22, 2021 | Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php. | |||
| CVE-2021-43628 | 0.00 | — | 0.01 | Dec 22, 2021 | Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. |
- CVE-2025-4739May 16, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in projectworlds Hospital Database Management System 1.0. It has been classified as critical. This affects an unknown part of the file /medicines_info.php. The manipulation of the argument Med_ID leads to sql injection. It is possible to initiate the…
- CVE-2023-5053Sep 28, 2023risk 0.00cvss —epss 0.01
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
- CVE-2023-5004Sep 28, 2023risk 0.00cvss —epss 0.01
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
- CVE-2022-33880Sep 29, 2022risk 0.00cvss —epss 0.01
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter.
- CVE-2021-43631Dec 22, 2021risk 0.00cvss —epss 0.01
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php.
- CVE-2021-43630Dec 22, 2021risk 0.00cvss —epss 0.02
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on…
- CVE-2021-43629Dec 22, 2021risk 0.00cvss —epss 0.01
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php.
- CVE-2021-43628Dec 22, 2021risk 0.00cvss —epss 0.01
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.