Filtered by vendor Hospital Management System
Subscriptions
Filtered by product Hospital Management System
Subscriptions
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57254 | 2 Hospital Management System, Hospital Management System Project | 2 Hospital Management System, Hospital Management System | 2025-10-02 | 6.5 Medium |
| An SQL injection vulnerability in user-login.php and index.php of Karthikg1908 Hospital Management System (HMS) 1.0 allows remote attackers to execute arbitrary SQL queries via the username and password POST parameters. The application fails to properly sanitize input before embedding it into SQL queries, leading to unauthorized access or potential data breaches. This can result in privilege escalation, account takeover, or exposure of sensitive medical data. | ||||
| CVE-2023-41530 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 9.8 Critical |
| Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. | ||||
| CVE-2023-41525 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 9.8 Critical |
| Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php. | ||||
| CVE-2023-41526 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 9.8 Critical |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters. | ||||
| CVE-2023-41531 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 8.8 High |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters. | ||||
| CVE-2023-41528 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 9.8 Critical |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters. | ||||
| CVE-2025-39380 | 2 Hospital Management System, Wordpress | 2 Hospital Management System, Wordpress | 2025-06-27 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server.This issue affects Hospital Management System: from n/a through 47.0(20-11-2023). | ||||
| CVE-2025-47663 | 3 Hospital Management System, Hospital Management System Project, Wordpress | 3 Hospital Management System, Hospital Management System, Wordpress | 2025-06-27 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server. This issue affects Hospital Management System: from 47.0(20 through 11. | ||||
| CVE-2023-43909 | 2 Hospital Management System, Hospital Management System Project | 2 Hospital Management System, Hospital Management System | 2024-11-21 | 9.1 Critical |
| Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. | ||||
Page 1 of 1.