VYPR

Hospital Management System

by Codezips

CVEs (6)

  • CVE-2022-38637CriSep 13, 2022
    risk 0.64cvss 9.8epss 0.05

    Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page.

  • CVE-2022-25004CriFeb 24, 2022
    risk 0.64cvss 9.8epss 0.02

    Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/doctors/manage_doctor.php.

  • CVE-2022-25003CriFeb 24, 2022
    risk 0.64cvss 9.8epss 0.02

    Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/doctors/view_doctor.php.

  • CVE-2022-26244MedMar 30, 2022
    risk 0.35cvss 5.4epss 0.00

    A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "special" field.

  • CVE-2022-22853MedFeb 16, 2022
    risk 0.35cvss 5.4epss 0.01

    A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field.

  • CVE-2025-2664MedMar 23, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in CodeZips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /suadpeted.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The…