Skip to main content

Remote Clinic

13 CVEs product

Monthly

CVE-2025-9774 LOW Monitor

A vulnerability has been found in RemoteClinic up to 2.0.php. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Remote Clinic
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2023-33481 CRITICAL POC Act Now

RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Remote Clinic
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-33480 HIGH POC This Week

RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload PHP Remote Clinic
NVD GitHub
CVSS 3.1
8.8
EPSS
1.9%
CVE-2023-33479 CRITICAL POC Act Now

RemoteClinic version 2.0 contains a SQL injection vulnerability in the /staff/edit.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Remote Clinic
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-33478 CRITICAL POC Act Now

RemoteClinic 2.0 has a SQL injection vulnerability in the ID parameter of /medicines/stocks.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Remote Clinic
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-39416 MEDIUM POC This Month

Multiple Cross Site Scripting (XSS) vulnerabilities exists in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact, (b) Email, (c) Weight, (d) Profession, (e) ref_contact, (f). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-31329 MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Chat" and "Personal Address" field on staff/register.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.7%
CVE-2021-31327 MEDIUM POC This Month

Stored XSS in Remote Clinic v2.0 in /medicines due to Medicine Name Field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.7%
CVE-2021-30044 MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the First Name or Last Name field on staff/register.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.8%
CVE-2021-30042 MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Clinic Name", "Clinic Address", "Clinic City", or "Clinic Contact" field on clinics/register.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.8%
CVE-2021-30039 MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.8%
CVE-2021-30034 MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Symptons field on patients/register-report.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.8%
CVE-2021-30030 MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Full Name field on register-patient.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.8%
EPSS 0% CVSS 2.1
LOW Monitor

A vulnerability has been found in RemoteClinic up to 2.0.php. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Remote Clinic
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Remote Clinic
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload PHP +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

RemoteClinic version 2.0 contains a SQL injection vulnerability in the /staff/edit.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Remote Clinic
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

RemoteClinic 2.0 has a SQL injection vulnerability in the ID parameter of /medicines/stocks.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Remote Clinic
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Multiple Cross Site Scripting (XSS) vulnerabilities exists in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact, (b) Email, (c) Weight, (d) Profession, (e) ref_contact, (f). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub
EPSS 2% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Chat" and "Personal Address" field on staff/register.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
EPSS 2% CVSS 5.4
MEDIUM POC This Month

Stored XSS in Remote Clinic v2.0 in /medicines due to Medicine Name Field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Remote Clinic
NVD GitHub Exploit-DB
EPSS 2% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the First Name or Last Name field on staff/register.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
EPSS 2% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Clinic Name", "Clinic Address", "Clinic City", or "Clinic Contact" field on clinics/register.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
EPSS 2% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
EPSS 2% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Symptons field on patients/register-report.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
EPSS 2% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Full Name field on register-patient.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy