VYPR

Online Doctor Appointment System

by Unguardable

CVEs (4)

  • CVE-2026-3981HigMar 12, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctor_action.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit…

  • CVE-2026-3980HigMar 12, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patient_action.php. Such manipulation of the argument patient_id leads to sql injection. The attack may be launched remotely. The exploit has…

  • CVE-2026-4473MedMar 20, 2026
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was detected in itsourcecode Online Doctor Appointment System 1.0. This issue affects some unknown processing of the file /admin/appointment_action.php. The manipulation of the argument appointment_id results in sql injection. The attack can be launched remotely.…

  • CVE-2021-25791Jul 23, 2021
    risk 0.03cvss epss 0.03

    Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in the First Name, Last Name, and Address text fields.