Filtered by vendor Doctor\'s Appointment System Project
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36202 | 1 Doctor\'s Appointment System Project | 1 Doctor\'s Appointment System | 2024-02-14 | N/A | 9.8 CRITICAL |
| Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter. | |||||
| CVE-2022-36201 | 1 Doctor\'s Appointment System Project | 1 Doctor\'s Appointment System | 2023-12-10 | N/A | 9.8 CRITICAL |
| Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php. | |||||
| CVE-2022-36203 | 1 Doctor\'s Appointment System Project | 1 Doctor\'s Appointment System | 2023-12-10 | N/A | 6.1 MEDIUM |
| Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS. | |||||