NicatAliyevh/Zero-Days

NicatAliyevh/Zero-Days

Releases0

Stars1

Zero Days Found By Me

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-63514 ↗	Nov 18, 2025Tuesday, 18 November 2025, 18:16	6.1 MEDIUM	—
kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email parameter.
CVE-2025-63513 ↗	Nov 18, 2025Tuesday, 18 November 2025, 17:16	6.5 MEDIUM	—
kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment cancellation functionality.
CVE-2025-63512 ↗	Nov 18, 2025Tuesday, 18 November 2025, 17:16	6.5 MEDIUM	—
kishan0725 Hospital Management System/ v4 is vulnerable to SQL Injection in admin-panel1.php, specifically in the deleting doctor logic. The application fails to properly sanitize or parameterize user-supplied input from the demail parameter before incorporating it directly into a dynamic SQL query.