Hospital Management System
Sign in to watchby Phpgurukul
Source repositories
CVEs (9)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-56214 | Cri | 0.64 | 9.8 | 0.00 | Aug 25, 2025 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter. | |
| CVE-2025-56212 | Cri | 0.64 | 9.8 | 0.00 | Aug 25, 2025 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter. | |
| CVE-2025-56216 | Hig | 0.55 | 8.5 | 0.00 | Aug 25, 2025 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter. | |
| CVE-2025-7604 | Hig | 0.47 | 7.3 | 0.00 | Jul 14, 2025 | A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |
| CVE-2025-7176 | Hig | 0.47 | 7.3 | 0.00 | Jul 8, 2025 | A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view-medhistory.php. The manipulation of the argument viewid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |
| CVE-2025-56215 | Med | 0.42 | 6.5 | 0.00 | Aug 25, 2025 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in contact.php via the pagetitle parameter. | |
| CVE-2026-1550 | Med | 0.41 | 6.3 | 0.00 | Jan 28, 2026 | A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the component Admin Dashboard Page. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. | |
| CVE-2026-2179 | Med | 0.31 | 4.7 | 0.00 | Feb 8, 2026 | A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | |
| CVE-2026-2134 | Med | 0.31 | 4.7 | 0.00 | Feb 8, 2026 | A security vulnerability has been detected in PHPGurukul Hospital Management System 4.0. The affected element is an unknown function of the file /hms/admin/manage-doctors.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. |