VYPR

Doctors Appointment System

by Sourcecodester

CVEs (15)

  • CVE-2023-40945CriSep 11, 2023
    risk 0.64cvss 9.8epss 0.01

    Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php.

  • CVE-2022-36202CriAug 31, 2022
    risk 0.64cvss 9.8epss 0.01

    Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.

  • CVE-2022-28568CriMay 4, 2022
    risk 0.64cvss 9.8epss 0.04

    Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.

  • CVE-2023-4219HigAug 8, 2023
    risk 0.48cvss 7.3epss 0.01

    A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be…

  • CVE-2023-1058HigFeb 27, 2023
    risk 0.48cvss 7.3epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2025-4895HigMay 18, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/delete-session.php. The manipulation of the argument ID leads to sql injection. The attack may be…

  • CVE-2025-4818HigMay 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/delete-doctor.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql…

  • CVE-2025-4817HigMay 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in Sourcecodester Doctor's Appointment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete-appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to…

  • CVE-2025-4816HigMay 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. It…

  • CVE-2023-1063MedFeb 27, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in SourceCodester Doctors Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/patient.php of the component Parameter Handler. The manipulation of the argument search leads…

  • CVE-2023-1062MedFeb 27, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Doctors Appointment System 1.0. Affected is an unknown function of the file /admin/add-new.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. It is…

  • CVE-2023-1061MedFeb 27, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/edit-doc.php. The manipulation of the argument email/oldmail leads to sql injection. The attack may…

  • CVE-2023-1059MedFeb 27, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument search/id leads to sql injection. The…

  • CVE-2023-1056MedFeb 27, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edoc/doctor/patient.php. The manipulation of the argument search12 leads to sql injection. The…

  • CVE-2023-1057MedFeb 27, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been rated as critical. Affected by this issue is the function edoc of the file login.php. The manipulation of the argument usermail leads to sql injection. VDB-221822 is the identifier assigned…