Clinics Patient Management System
CVEs (28)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-1035 | 0.00 | — | 0.01 | Feb 25, 2023 | A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to sql injection. It is possible to launch the… | |||
| CVE-2022-3122 | 0.00 | — | 0.01 | Sep 5, 2022 | A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file medicine_details.php. The manipulation of the argument medicine leads to sql injection. The attack… | |||
| CVE-2022-3120 | 0.00 | — | 0.01 | Sep 5, 2022 | A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument user_name leads to sql injection. The… | |||
| CVE-2022-36609 | 0.00 | — | 0.01 | Sep 2, 2022 | Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php. | |||
| CVE-2022-36251 | 0.00 | — | 0.01 | Aug 22, 2022 | Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php. | |||
| CVE-2022-36242 | 0.00 | — | 0.01 | Aug 16, 2022 | Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine.php?id=. | |||
| CVE-2022-36270 | 0.00 | — | 0.01 | Aug 10, 2022 | Clinic's Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php. | |||
| CVE-2022-2298 | 0.00 | — | 0.01 | Jul 12, 2022 | A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pms/index.php of the component Login Page. The manipulation of the argument user_name with… |
- CVE-2023-1035Feb 25, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to sql injection. It is possible to launch the…
- CVE-2022-3122Sep 5, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file medicine_details.php. The manipulation of the argument medicine leads to sql injection. The attack…
- CVE-2022-3120Sep 5, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument user_name leads to sql injection. The…
- CVE-2022-36609Sep 2, 2022risk 0.00cvss —epss 0.01
Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php.
- CVE-2022-36251Aug 22, 2022risk 0.00cvss —epss 0.01
Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php.
- CVE-2022-36242Aug 16, 2022risk 0.00cvss —epss 0.01
Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine.php?id=.
- CVE-2022-36270Aug 10, 2022risk 0.00cvss —epss 0.01
Clinic's Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php.
- CVE-2022-2298Jul 12, 2022risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pms/index.php of the component Login Page. The manipulation of the argument user_name with…
Page 2 of 2