cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4294,https://securityvulnerability.io/vulnerability/CVE-2024-4294,Resource Manipulation Vulnerability in PHPGurukul Doctor Appointment Management System,"A vulnerability has been discovered in version 1.0 of the PHPGurukul Doctor Appointment Management System, specifically within the resource handling functionality of the file /doctor/view-appointment-detail.php. The flaw arises from improper control of resource identifiers, specifically manipulated via the editid parameter, which enables remote exploitation of unauthorized access to sensitive data. This flaw poses significant risks, including potential data breaches and unauthorized actions within the application, making it crucial for users and organizations to take immediate action to mitigate associated threats.",PHPgurukul,Doctor Appointment Management System,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-04-27T21:31:05.000Z,true,false,false,,2024-04-27T22:31:05.029Z,0
CVE-2024-4293,https://securityvulnerability.io/vulnerability/CVE-2024-4293,Cross Site Scripting Vulnerability in PHPGurukul Doctor Appointment Management System 1.0,A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262225 was assigned to this vulnerability.,PHPgurukul,Doctor Appointment Management System,3.5,LOW,0.00044999999227002263,false,,false,false,true,2024-04-27T20:31:04.000Z,true,false,false,,2024-04-27T21:31:04.135Z,0
CVE-2022-46128,https://securityvulnerability.io/vulnerability/CVE-2022-46128,Cross-Site Scripting Vulnerability in Doctor Appointment Management System by phpgurukul,"The Doctor Appointment Management System by phpgurukul is susceptible to Cross-Site Scripting (XSS) attacks through variables passed in the search data. This vulnerability enables an attacker to inject malicious scripts, potentially compromising user data and session cookies. Proper input validation and sanitization measures should be implemented to mitigate risks associated with this security flaw.",PHPgurukul,Doctor Appointment Management System,6.1,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-01-26T21:18:00.000Z,0
CVE-2022-45730,https://securityvulnerability.io/vulnerability/CVE-2022-45730,Cross-Site Scripting Flaw in Doctor Appointment Management System by PHP Gurukul,"The vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to exploit a cross-site scripting flaw. By injecting a malicious payload into the Search function, an attacker can execute arbitrary web scripts or HTML. This can lead to the unauthorized disclosure of sensitive information or the hijacking of user sessions. It is crucial for users of this system to be aware of this risk and apply necessary security measures.",PHPgurukul,Doctor Appointment Management System,6.1,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-01-26T21:17:00.000Z,0
CVE-2022-45728,https://securityvulnerability.io/vulnerability/CVE-2022-45728,Cross-Site Scripting Vulnerability in Doctor Appointment Management System by Sudoninja,"The Doctor Appointment Management System v1.0.0 by Sudoninja is susceptible to a cross-site scripting (XSS) vulnerability. Attackers can exploit this weakness by injecting malicious scripts through user inputs, which may ultimately compromise user data and sensitive information. It is crucial for users of this system to implement necessary security measures to mitigate risks.",PHPgurukul,Doctor Appointment Management System,6.1,MEDIUM,0.0005699999746866524,false,,false,false,true,2023-01-04T17:41:57.000Z,true,false,false,,2023-01-12T00:00:00.000Z,0
CVE-2022-45729,https://securityvulnerability.io/vulnerability/CVE-2022-45729,Cross-Site Scripting Vulnerability in Doctor Appointment Management System by Sudoninja,"The Doctor Appointment Management System version 1.0.0 is susceptible to a cross-site scripting vulnerability, enabling attackers to execute arbitrary web scripts or HTML. This vulnerability arises when an attacker injects a crafted payload through the Employee ID parameter, potentially compromising user data and leading to unauthorized actions on behalf of the victims. It is crucial for users of this system to implement security measures to safeguard against exploitation.",PHPgurukul,Doctor Appointment Management System,6.1,MEDIUM,0.0005699999746866524,false,,false,false,true,2023-01-04T17:50:00.000Z,true,false,false,,2023-01-12T00:00:00.000Z,0