📦 Remote Clinic

RemoteClinic 2.0 contains a time-based blind SQL injection vulnerability in the patients/index.php 'start' parameter that allows attackers to extract database information through timing delays. This a...

CVE-2025-9775 is an unrestricted file upload vulnerability in RemoteClinic's staff profile editing functionality. Attackers can upload malicious files via the /staff/edit-my-profile.php endpoint, pote...

CVE-2025-9772 is an unrestricted file upload vulnerability in RemoteClinic's /staff/edit.php endpoint that allows attackers to upload malicious files remotely. This affects RemoteClinic versions up to...

This vulnerability in RemoteClinic allows attackers to remotely exploit the /patients/edit-patient.php endpoint by manipulating the Email parameter, leading to unauthorized information disclosure. It ...