Doctor Search Script
Monthly
PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbitrary profile field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Doctor Search Script 1.0 has SQL Injection via the /list city parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbitrary profile field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Doctor Search Script 1.0 has SQL Injection via the /list city parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.