itodaro/PHPGurukul_Hospital_Management_System4.0_cve

Releases0

Stars2

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-22173 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22168 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22169 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22170 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22171 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22172 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22174 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22175 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22176 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sensitive information.
CVE-2020-22166 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\forgot-password.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22167 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	5.4 MEDIUM	3.5 LOW
PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data.
CVE-2020-22165 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22164 ↗	Jun 22, 2021Tuesday, 22 June 2021, 15:15	7.5 HIGH	5 MEDIUM
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.