Vulnerabilities (CVE)

Filtered by vendor Doctor Appointment System Project Subscribe

Filtered by product Doctor Appointment System

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-39852	1 Doctor Appointment System Project	1 Doctor Appointment System	2023-08-21	N/A	9.8 CRITICAL
DISPUTED Doctormms v1.0 was discovered to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php. NOTE: this is disputed by a third party who indicates that the userid is a session variable controlled by the server, and thus cannot be used for exploitation.
CVE-2021-27314	1 Doctor Appointment System Project	1 Doctor Appointment System	2021-03-05	7.5 HIGH	9.8 CRITICAL
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page.