Projectworlds Hospital Management System In Php — known CVE vulnerabilities
Every CVE whose affected-product data names Projectworlds Hospital Management System In Php, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-43631 — CVSS 9.8 (critical): Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php.
CVE-2021-43629 — CVSS 9.8 (critical): Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php.
CVE-2023-5004 — CVSS 9.8 (critical): Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
CVE-2023-5053 — CVSS 9.8 (critical): Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
CVE-2021-43628 — CVSS 9.8 (critical): Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.
CVE-2021-43630 — CVSS 8.8 (high): Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an…
CVE-2021-45852 — CVSS 5.3 (medium): An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without…