Affected Products

Vendor / product matrix with CVE counts sourced from the CPE catalog.

Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
hashenudara
19031.9%CRITICAL

Related CVEs

9
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-66918edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting (XSS) in admin/add-session.php via the "title" parameter.HIGH8.837.5%Dec 11, 2025
CVE-2025-65358Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php.CRITICAL9.826.2%Dec 2, 2025
CVE-2022-36548Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field.MEDIUM5.4Aug 26, 2022
CVE-2022-36547Edoc-doctor-appointment-system v1.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability at /patient/index.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field.MEDIUM6.1Aug 26, 2022
CVE-2022-36546Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery (CSRF) via /patient/settings.php.HIGH8.8Aug 26, 2022
CVE-2022-36545Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php.CRITICAL9.8Aug 26, 2022
CVE-2022-36544Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/booking.php.CRITICAL9.8Aug 26, 2022
CVE-2022-36543Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/doctors.php.CRITICAL9.8Aug 26, 2022
CVE-2022-36542An access control issue in the component /ip/admin/ of Edoc-doctor-appointment-system v1.0.1 allows attackers to arbitrarily edit, read, and delete Administrator data.MEDIUM6.5Aug 26, 2022