Doctor Appointment System
by Remyandrade
CVEs (27)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-1057 | 0.00 | — | 0.01 | Feb 27, 2023 | A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been rated as critical. Affected by this issue is the function edoc of the file login.php. The manipulation of the argument usermail leads to sql injection. VDB-221822 is the identifier assigned… | |||
| CVE-2023-1056 | 0.00 | — | 0.01 | Feb 27, 2023 | A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edoc/doctor/patient.php. The manipulation of the argument search12 leads to sql injection. The… | |||
| CVE-2022-46128 | 0.00 | — | 0.00 | Jan 25, 2023 | phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=. | |||
| CVE-2022-45730 | 0.00 | — | 0.01 | Jan 25, 2023 | A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function. | |||
| CVE-2022-36201 | 0.00 | — | 0.02 | Aug 31, 2022 | Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php. | |||
| CVE-2022-36202 | 0.00 | — | 0.01 | Aug 31, 2022 | Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter. | |||
| CVE-2022-28568 | 0.00 | — | 0.04 | May 4, 2022 | Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored. |
- CVE-2023-1057Feb 27, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been rated as critical. Affected by this issue is the function edoc of the file login.php. The manipulation of the argument usermail leads to sql injection. VDB-221822 is the identifier assigned…
- CVE-2023-1056Feb 27, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edoc/doctor/patient.php. The manipulation of the argument search12 leads to sql injection. The…
- CVE-2022-46128Jan 25, 2023risk 0.00cvss —epss 0.00
phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=.
- CVE-2022-45730Jan 25, 2023risk 0.00cvss —epss 0.01
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function.
- CVE-2022-36201Aug 31, 2022risk 0.00cvss —epss 0.02
Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php.
- CVE-2022-36202Aug 31, 2022risk 0.00cvss —epss 0.01
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.
- CVE-2022-28568May 4, 2022risk 0.00cvss —epss 0.04
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.
Page 2 of 2