Filtered by vendor Bigprof
Subscriptions
Filtered by product Online Clinic Management System
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-6425 | 1 Bigprof | 1 Online Clinic Management System | 2024-11-21 | 6.3 Medium |
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/medical_records_view.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to store dangerous JavaScript payloads on the system that will be triggered when the page loads. | ||||
CVE-2023-6424 | 1 Bigprof | 1 Online Clinic Management System | 2024-11-21 | 6.3 Medium |
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/disease_symptoms_view.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to store dangerous JavaScript payloads on the system that will be triggered when the page loads. | ||||
CVE-2023-6423 | 1 Bigprof | 1 Online Clinic Management System | 2024-11-21 | 6.3 Medium |
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/events_view.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to store dangerous JavaScript payloads on the system that will be triggered when the page loads. | ||||
CVE-2023-6422 | 1 Bigprof | 1 Online Clinic Management System | 2024-11-21 | 6.3 Medium |
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/patients_view.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to store dangerous JavaScript payloads on the system that will be triggered when the page loads. |
Page 1 of 1.