VYPR

Doctor Appointment System

by Remyandrade

CVEs (27)

  • CVE-2026-9603MedMay 26, 2026
    risk 0.42cvss 6.5epss 0.00

    A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible.…

  • CVE-2026-3302MedFeb 27, 2026
    risk 0.28cvss 4.3epss 0.00

    A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The…

  • CVE-2021-27320Mar 24, 2021
    risk 0.02cvss epss 0.09

    Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter.

  • CVE-2025-66918Dec 11, 2025
    risk 0.00cvss epss 0.00

    edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting (XSS) in admin/add-session.php via the "title" parameter.

  • CVE-2025-65358Dec 2, 2025
    risk 0.00cvss epss 0.00

    Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php.

  • CVE-2025-45805Sep 3, 2025
    risk 0.00cvss epss 0.00

    In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject arbitrary JavaScript code into their profile name. This payload is subsequently rendered without proper sanitization, when a user visits the website and selects the doctor to book an…

  • CVE-2025-50493Jul 28, 2025
    risk 0.00cvss epss 0.00

    Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor Appointment Management System v1 allows attackers to execute a session hijacking attack.

  • CVE-2025-2649Mar 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in PHPGurukul Doctor Appointment Management System 1.0. This vulnerability affects unknown code of the file /check-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated…

  • CVE-2025-2640Mar 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in PHPGurukul Doctor Appointment Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /doctor/appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql…

  • CVE-2025-2383Mar 17, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The…

  • CVE-2024-48807Oct 30, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Management System v.1.0 allows a local attacker to execute arbitrary code via the search parameter.

  • CVE-2024-4294Apr 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknown functionality of the file /doctor/view-appointment-detail.php. The manipulation of the argument editid leads to…

  • CVE-2024-4293Apr 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to…

  • CVE-2023-40945Sep 11, 2023
    risk 0.00cvss epss 0.01

    Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php.

  • CVE-2023-4219Aug 8, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be…

  • CVE-2023-1063Feb 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Doctors Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/patient.php of the component Parameter Handler. The manipulation of the argument search leads…

  • CVE-2023-1062Feb 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Doctors Appointment System 1.0. Affected is an unknown function of the file /admin/add-new.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. It is…

  • CVE-2023-1061Feb 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/edit-doc.php. The manipulation of the argument email/oldmail leads to sql injection. The attack may…

  • CVE-2023-1059Feb 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument search/id leads to sql injection. The…

  • CVE-2023-1058Feb 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely.…

Page 1 of 2