← Back

Hospital's Patient Records Management System Project

hospital's_patient_records_management_system_project

26 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Hospital's Patient Records Management System
hospital's_patient_records_management_system
26 CVEs

CVEs (26)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-22853
1Hospital's Patient Records Management System Project
1Hospital's Patient Records Management System
Nov 21, 2024
Feb 16, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field.
CVE-2022-22854
1Hospital's Patient Records Management System Project
1Hospital's Patient Records Management System
Nov 21, 2024
Feb 14, 2022
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list.
CVE-2022-22852
1Hospital's Patient Records Management System Project
1Hospital's Patient Records Management System
Nov 21, 2024
Jan 26, 2022
N/A· v4
5.4 MEDIUM· v3
4.3 MEDIUM· v2
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list.
CVE-2022-22850
1Hospital's Patient Records Management System Project
1Hospital's Patient Records Management System
Nov 21, 2024
Jan 26, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types.
CVE-2022-22851
1Hospital's Patient Records Management System Project
1Hospital's Patient Records Management System
Nov 21, 2024
Jan 26, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php
CVE-2022-22296
1Hospital's Patient Records Management System Project
1Hospital's Patient Records Management System
Nov 21, 2024
Jan 24, 2022
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed.