NicatAliyevh

3 exploits, active since Nov 2025
CVE-2025-63512 WRITEUP MEDIUM
kishan0725 Hospital Management System v4 - SQL Injection
kishan0725 Hospital Management System v4 is vulnerable to SQL Injection in admin-panel1.php, specifically in the doctor-deletion logic. The application does not sanitize or parameterize user-supplied input from the demail parameter before incorporating it directly into a dynamic SQL query.
CVSS 6.5
CVE-2025-63513 WRITEUP MEDIUM
kishan0725 Hospital Management System v4 - Info Disclosure
kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment cancellation functionality.
CVSS 6.5
CVE-2025-63514 WRITEUP MEDIUM
kishan0725 Hospital Management System - XSS
kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email parameter.
CVSS 6.1