Open Source Clinic Management System

5 CVEs product

CVE-2025-5758 HIGH POC This Week

Critical SQL injection vulnerability in SourceCodester Open Source Clinic Management System v1.0, specifically in the /doctor.php file where the 'doctorname' parameter is insufficiently sanitized. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion of sensitive healthcare information. The vulnerability has public exploit disclosure and may be actively exploited.

Tags: PHP, SQLi, Remote Code Execution, Open Source Clinic Management System
References: NVD, GitHub, VulDB
CVSS 3.1: 7.3
EPSS: 0.0%

CVE-2025-5755 HIGH POC This Week

SourceCodester Open Source Clinic Management System version 1.0 contains a critical SQL injection vulnerability in the /email_config.php file affecting the 'email' parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL commands, potentially leading to unauthorized data access, modification, or system compromise. Public disclosure and exploit code availability significantly elevate real-world risk.

Tags: PHP, SQLi, Information Disclosure, Open Source Clinic Management System
References: NVD, GitHub, VulDB
CVSS 3.1: 7.3
EPSS: 0.0%

CVE-2025-5728 MEDIUM POC This Month

A vulnerability classified as critical was found in SourceCodester Open Source Clinic Management System 1.0. This vulnerability affects unknown code of the file /manage_website.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Tags: PHP, Authentication Bypass, File Upload, Open Source Clinic Management System
References: NVD, GitHub, VulDB
CVSS 3.1: 6.3
EPSS: 0.1%

CVE-2025-5716 HIGH POC This Week

A remote code execution vulnerability classified as critical (CVSS 7.3). Risk factors: public PoC available.

Tags: PHP, SQLi, Open Source Clinic Management System
References: NVD, GitHub, VulDB
CVSS 3.1: 7.3
EPSS: 0.0%

CVE-2025-5712 HIGH POC This Week

Critical SQL injection vulnerability in SourceCodester Open Source Clinic Management System 1.0 affecting the /appointment.php file's patient parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially compromising data confidentiality, integrity, and availability. The exploit has been publicly disclosed with proof-of-concept availability, significantly elevating real-world exploitation risk.

Tags: PHP, SQLi, Open Source Clinic Management System
References: NVD, GitHub, VulDB
CVSS 3.1: 7.3
EPSS: 0.0%
