Vulnerabilities (CVE)

Filtered by vendor Doctor Appointment System Project Subscribe

Filtered by product Doctor Appointment System

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-27318	1 Doctor Appointment System Project	1 Doctor Appointment System	2021-03-08	4.3 MEDIUM	6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter.
CVE-2021-27317	1 Doctor Appointment System Project	1 Doctor Appointment System	2021-03-08	4.3 MEDIUM	6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.
CVE-2021-27124	1 Doctor Appointment System Project	1 Doctor Appointment System	2021-02-24	4.0 MEDIUM	6.5 MEDIUM
SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack.