← Back

Online Covid Vaccination Scheduler System Project

online_covid_vaccination_scheduler_system_project

4 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Online Covid Vaccination Scheduler System
online_covid_vaccination_scheduler_system
4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-41930
1Online Covid Vaccination Scheduler System Project
1Online Covid Vaccination Scheduler System
Jun 17, 2026
Jan 24, 2022
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross site scripting (XSS) vulnerability in Sourcecodester Online Covid Vaccination Scheduler System v1 by oretnom23, allows attackers to execute arbitrary code via the lid parameter to /scheduler/addSchedule.php.
CVE-2021-37803
1Online Covid Vaccination Scheduler System Project
1Online Covid Vaccination Scheduler System
Jun 17, 2026
Oct 27, 2021
N/A· v4
8.1 HIGH· v3
9.3 HIGH· v2
An SQL Injection vulnerability exists in Sourcecodester Online Covid Vaccination Scheduler System 1.0 via the username in lognin.php .
CVE-2021-36622
1Online Covid Vaccination Scheduler System Project
1Online Covid Vaccination Scheduler System
Jun 17, 2026
Aug 3, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=u...Show more
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the Content-Type: image/png. Then, the attacker have to visit the uploaded profile photo to access the shell.Show less
CVE-2021-36621
1Online Covid Vaccination Scheduler System Project
1Online Covid Vaccination Scheduler System
Jun 17, 2026
Jul 30, 2021
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is vulnerable to SQL Injection. The username parameter is vulnerable to time-based SQL injection. Upon successful dumping the admin password hash, an attacker...Show more
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is vulnerable to SQL Injection. The username parameter is vulnerable to time-based SQL injection. Upon successful dumping the admin password hash, an attacker can decrypt and obtain the plain-text password. Hence, the attacker could authenticate as Administrator.Show less