Campcodes Online Hospital Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Campcodes Online Hospital Management System.
By the Year
In 2026 there have been 0 vulnerabilities in Campcodes Online Hospital Management System. Last year, in 2025 Online Hospital Management System had 18 security vulnerabilities published. Right now, Online Hospital Management System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 18 | 9.80 |
It may take a day or so for new Online Hospital Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Campcodes Online Hospital Management System Security Vulnerabilities
Campcodes OHS 1.0 sql injection via Username in /user-login.php
CVE-2025-6407
9.8 - Critical
- June 21, 2025
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /user-login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CVE-2025-6408: SQLi in Campcodes OHS 1.0 via /doctor/search.php
CVE-2025-6408
9.8 - Critical
- June 21, 2025
A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes OHMS 1.0 SQLi via forgot-password.php fullname
CVE-2025-6406
9.8 - Critical
- June 21, 2025
A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/forgot-password.php. The manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes Hospital Mgt Sys 1.0 Critical SQLi in /user-login.php
CVE-2025-5604
9.8 - Critical
- June 04, 2025
A vulnerability was found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes HMS 1.0 SQLi via /admin/registration.php (critical)
CVE-2025-5602
9.8 - Critical
- June 04, 2025
A vulnerability, which was classified as critical, was found in Campcodes Hospital Management System 1.0. Affected is an unknown function of the file /admin/registration.php. The manipulation of the argument full_name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes HMS 1.0 Registration.php SQLi via full_name/username
CVE-2025-5603
9.8 - Critical
- June 04, 2025
A vulnerability has been found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /registration.php. The manipulation of the argument full_name/username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes OHS 1.0 - Remote SQLi via /admin/patient-search.php
CVE-2025-5365
9.8 - Critical
- May 31, 2025
A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/patient-search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in Campcodes OHMS 1.0 – /doctor/add-patient.php via patname
CVE-2025-5364
9.8 - Critical
- May 30, 2025
A vulnerability was found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /doctor/add-patient.php. The manipulation of the argument patname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in /doctor/index.php of Campcodes OHS 1.0 (Critical)
CVE-2025-5363
9.8 - Critical
- May 30, 2025
A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /doctor/index.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes OHS 1.0 - SQLi via doctorspecilization in /admin/doctor-specilization.php
CVE-2025-5362
9.8 - Critical
- May 30, 2025
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi via doctor ARG in /book-appointment.php - Campcodes OHMS 1.0
CVE-2025-5360
9.8 - Critical
- May 30, 2025
A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of the file /book-appointment.php. The manipulation of the argument doctor leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes OHS 1.0: Critical SQLi via /contact.php fullname
CVE-2025-5361
9.8 - Critical
- May 30, 2025
A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. This issue affects some unknown processing of the file /contact.php. The manipulation of the argument fullname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes OMS 1.0 SQLi via appointment-history.php ID
CVE-2025-5359
9.8 - Critical
- May 30, 2025
A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /appointment-history.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQL Injection in Campcodes OHS 1.0 admin/betweendates-detailsreports.php (Critical)
CVE-2025-5298
9.8 - Critical
- May 28, 2025
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/betweendates-detailsreports.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes HMS 1.0 SQLi via adminremark Param in query-details.php
CVE-2025-5246
9.8 - Critical
- May 27, 2025
A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of the file /hms/admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes OHS 1.0 SQLi in /admin/view-patient.php (viewid)
CVE-2025-5229
9.8 - Critical
- May 27, 2025
A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/view-patient.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Campcodes OMS 1.0 CVE-2025-5224: Remote SQLi via /admin/add-doctor.php
CVE-2025-5224
9.8 - Critical
- May 27, 2025
A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/add-doctor.php. The manipulation of the argument Doctorspecialization leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SourceCodester OMS 1.0 SQLi in /admin/check_availability.php via emailid
CVE-2025-5208
9.8 - Critical
- May 26, 2025
A vulnerability, which was classified as critical, was found in SourceCodester Online Hospital Management System 1.0. This affects an unknown part of the file /admin/check_availability.php. The manipulation of the argument emailid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Campcodes Online Hospital Management System or by Campcodes? Click the Watch button to subscribe.
