Hospital Management System
by Dasinfomedia
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-47663 | Cri | 0.64 | 9.9 | 0.00 | May 23, 2025 | Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server. This issue affects Hospital Management System: from 47.0(20 through 11. | ||
| CVE-2017-14846 | Hig | 0.60 | 8.8 | 0.03 | Sep 28, 2017 | Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter. | ||
| CVE-2025-47631 | Hig | 0.57 | 8.8 | 0.00 | May 23, 2025 | Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11. | ||
| CVE-2023-41530 | 0.00 | — | 0.00 | Aug 7, 2025 | Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. | |||
| CVE-2020-36011 | 0.00 | — | 0.01 | Jan 26, 2021 | A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field. |
- risk 0.64cvss 9.9epss 0.00
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server. This issue affects Hospital Management System: from 47.0(20 through 11.
- risk 0.60cvss 8.8epss 0.03
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
- risk 0.57cvss 8.8epss 0.00
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11.
- CVE-2023-41530Aug 7, 2025risk 0.00cvss —epss 0.00
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.
- CVE-2020-36011Jan 26, 2021risk 0.00cvss —epss 0.01
A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field.