Remoteclinic Remote Clinic — known CVE vulnerabilities
Every CVE whose affected-product data names Remoteclinic Remote Clinic, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2022-48152 — CVSS 9.8 (critical): SQL Injection vulnerability in RemoteClinic 2.0 allows attackers to execute arbitrary commands and gain sensitive information via the id…
CVE-2023-33481 — CVSS 9.8 (critical): RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php.
CVE-2023-33480 — CVSS 8.8 (high): RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to…
CVE-2025-9775 — CVSS 7.3 (high): A vulnerability was found in RemoteClinic up to 2.0. Impacted is an unknown function of the file /staff/edit-my-profile.php. The…
CVE-2025-9772 — CVSS 7.3 (high): A vulnerability was detected in RemoteClinic up to 2.0. This affects an unknown part of the file /staff/edit.php. Performing manipulation…
CVE-2021-39416 — CVSS 6.1 (medium): Multiple Cross Site Scripting (XSS) vulnerabilities exists in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact…
CVE-2021-30044 — CVSS 5.4 (medium): Cross Site Scripting (XSS) in Remote Clinic v2.0 via the First Name or Last Name field on staff/register.php.
CVE-2021-30042 — CVSS 5.4 (medium): Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Clinic Name", "Clinic Address", "Clinic City", or "Clinic Contact" field on…
CVE-2021-30039 — CVSS 5.4 (medium): Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php.
CVE-2021-30034 — CVSS 5.4 (medium): Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Symptons field on patients/register-report.php.
CVE-2021-31329 — CVSS 5.4 (medium): Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Chat" and "Personal Address" field on staff/register.php
CVE-2025-9774 — CVSS 4.3 (medium): A vulnerability has been found in RemoteClinic up to 2.0. This issue affects some unknown processing of the file /patients/edit-patient.php…
CVE-2025-9773 — CVSS 4.3 (medium): A flaw has been found in RemoteClinic up to 2.0. This vulnerability affects unknown code of the file /staff/edit.php. Executing…