📦 Hospital Management System
by Phpgurukul
🔍 What is Hospital Management System?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2025-56212 is a critical SQL injection vulnerability in phpgurukul Hospital Management System 4.0 that allows attackers to execute arbitrary SQL commands via the docname parameter in add-doctor.ph...
CVE-2020-26629 is an unauthenticated arbitrary file upload vulnerability in Hospital Management System V4.0 that allows attackers to upload malicious files to the server. This affects all deployments ...
CVE-2022-24263 is a SQL injection vulnerability in Hospital Management System v4.0 that allows attackers to execute arbitrary SQL commands via the email parameter in func.php. This affects all users r...
CVE-2025-56216 is an SQL injection vulnerability in phpgurukul Hospital Management System 4.0 that allows attackers to execute arbitrary SQL commands via the pagetitle parameter in about-us.php. This ...
CVE-2025-7604 is a critical SQL injection vulnerability in PHPGurukul Hospital Management System 4.0 that allows remote attackers to execute arbitrary SQL commands via the Username parameter in /user-...
This critical SQL injection vulnerability in PHPGurukul Hospital Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the viewid parameter in view-medhistory.php. This c...
Hospital Management System 1.0 contains a SQL injection vulnerability in the pat_number parameter at his_admin_view_single_patient.php. This allows attackers to execute arbitrary SQL commands on the d...
Hospital Management System 1.0 contains a SQL injection vulnerability in the pat_number parameter at his_doc_view_single_patien.php. This allows attackers to execute arbitrary SQL commands on the data...
This critical SQL injection vulnerability in PHPGurukul Hospital Management System 1.0 allows attackers to execute arbitrary SQL commands through the Admin Dashboard component. Attackers can potential...
Hospital Management System v4.0 contains a blind SQL injection vulnerability in the register function (func2.php) that allows attackers to execute arbitrary SQL commands without seeing the results dir...
This SQL injection vulnerability in Hospital Management System v4.0 allows attackers to execute arbitrary SQL commands through the txtMsg parameter in contact.php. This could lead to unauthorized data...
CVE-2020-22168 is a SQL injection vulnerability in PHPGurukul Hospital Management System v4.0 that allows remote unauthenticated attackers to execute arbitrary SQL commands. This can lead to unauthori...
CVE-2020-22170 is a SQL injection vulnerability in PHPGurukul Hospital Management System v4.0 that allows remote unauthenticated attackers to execute arbitrary SQL commands. This can lead to unauthori...
CVE-2020-22172 is a SQL injection vulnerability in PHPGurukul Hospital Management System v4.0 that allows remote unauthenticated attackers to execute arbitrary SQL commands through the get_doctor.php ...
CVE-2020-22174 is a SQL injection vulnerability in PHPGurukul Hospital Management System v4.0 that allows remote unauthenticated attackers to execute arbitrary SQL commands via the book-appointment.ph...
CVE-2020-22176 allows remote unauthenticated attackers to access sensitive user information in PHPGurukul Hospital Management System v4.0. This affects all deployments of this specific version that ar...
CVE-2020-22165 is a SQL injection vulnerability in PHPGurukul Hospital Management System v4.0 that allows remote unauthenticated attackers to execute arbitrary SQL queries. This can lead to unauthoriz...
This IDOR vulnerability in PHPGurukul Hospital Management System allows authenticated users to access other patients' confidential medical records by manipulating the 'viewid' parameter. Any healthcar...
This CVE describes a SQL injection vulnerability in PHPGurukul Hospital Management System 4.0, specifically in the /hms/admin/manage-doctors.php file via the ID parameter. It allows remote attackers t...
CVE-2026-1550 is an improper authorization vulnerability in PHPGurukul Hospital Management System 1.0 that allows attackers to bypass access controls on the admin dashboard. Remote attackers can explo...
This SQL injection vulnerability in phpgurukul Hospital Management System 4.0 allows attackers to manipulate database queries through the pagetitle parameter in contact.php. Attackers could potentiall...
PHPGurukul Hospital Management System 4.0 contains stored cross-site scripting vulnerabilities in patient history and admin view pages. Attackers can inject malicious scripts that execute when legitim...
PHPGurukul Hospital Management System 4.0 contains a stored cross-site scripting (XSS) vulnerability in the doctor portal's email parameter. This allows attackers to inject malicious scripts that exec...
This CVE describes multiple stored XSS vulnerabilities in PHPGurukul Hospital Management System 4.0. Attackers can inject malicious scripts via the docname parameter in doctor management pages, which ...