Hospital Management System
by Codezips
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38637 | Cri | 0.64 | 9.8 | 0.05 | Sep 13, 2022 | Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page. | ||
| CVE-2022-25004 | Cri | 0.64 | 9.8 | 0.02 | Feb 24, 2022 | Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/doctors/manage_doctor.php. | ||
| CVE-2022-25003 | Cri | 0.64 | 9.8 | 0.02 | Feb 24, 2022 | Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/doctors/view_doctor.php. | ||
| CVE-2022-26244 | Med | 0.35 | 5.4 | 0.00 | Mar 30, 2022 | A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "special" field. | ||
| CVE-2022-22853 | Med | 0.35 | 5.4 | 0.01 | Feb 16, 2022 | A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field. | ||
| CVE-2025-2664 | Med | 0.31 | 4.7 | 0.00 | Mar 23, 2025 | A vulnerability was found in CodeZips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /suadpeted.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The… |
- risk 0.64cvss 9.8epss 0.05
Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page.
- risk 0.64cvss 9.8epss 0.02
Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/doctors/manage_doctor.php.
- risk 0.64cvss 9.8epss 0.02
Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/doctors/view_doctor.php.
- risk 0.35cvss 5.4epss 0.00
A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "special" field.
- risk 0.35cvss 5.4epss 0.01
A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field.
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in CodeZips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /suadpeted.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The…