PHPGurukul Doctor Appointment Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in PHPGurukul Doctor Appointment Management System.
By the Year
In 2026 there have been 0 vulnerabilities in PHPGurukul Doctor Appointment Management System. Last year, in 2025 Doctor Appointment Management System had 5 security vulnerabilities published. Right now, Doctor Appointment Management System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 5 | 9.25 |
| 2024 | 3 | 7.10 |
| 2023 | 4 | 6.10 |
It may take a day or so for new Doctor Appointment Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent PHPGurukul Doctor Appointment Management System Security Vulnerabilities
Authenticated Doctor User XSS via Profile Name in Doctor Appointment System 1.0
CVE-2025-45805
7.6 - High
- September 03, 2025
In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject arbitrary JavaScript code into their profile name. This payload is subsequently rendered without proper sanitization, when a user visits the website and selects the doctor to book an appointment.
XSS
Session Hijacking via Improper Invalidation in PHPGurukul Doctor App
CVE-2025-50493
- July 28, 2025
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor Appointment Management System v1 allows attackers to execute a session hijacking attack.
Critical SQLi in PHPGurukul Doctor Appointment System 1.0 – /check-appointment.php
CVE-2025-2649
9.8 - Critical
- March 23, 2025
A vulnerability classified as critical was found in PHPGurukul Doctor Appointment Management System 1.0. This vulnerability affects unknown code of the file /check-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in doctor/appointment-bwdates-reports-details.php – PHPGurukul App 1.0
CVE-2025-2640
9.8 - Critical
- March 23, 2025
A vulnerability was found in PHPGurukul Doctor Appointment Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /doctor/appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Doctor Appointment SYS 1.0 SQLi via /doctor/search.php
CVE-2025-2383
9.8 - Critical
- March 17, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
XSS in PHPGurukul Doctor Appointment System v1.0 via search param
CVE-2024-48807
- October 30, 2024
Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Management System v.1.0 allows a local attacker to execute arbitrary code via the search parameter.
Crit PHPGurukul DMMS 1.0 Remote RFI via editid in view-appointment-detail.php
CVE-2024-4294
8.8 - High
- April 27, 2024
A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknown functionality of the file /doctor/view-appointment-detail.php. The manipulation of the argument editid leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-262226 is the identifier assigned to this vulnerability.
Insecure Direct Object Reference
XSS in PHPGurukul Doctor Appointment Management System 1.0 (bwdates-reports.php)
CVE-2024-4293
5.4 - Medium
- April 27, 2024
A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262225 was assigned to this vulnerability.
XSS
XSS in phpgurukul Doctor Appointment System v1.0.0
CVE-2022-46128
6.1 - Medium
- January 26, 2023
phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=.
XSS
DocAppMS v1.0.0 XSS in Search Input (before 1.0.1)
CVE-2022-45730
6.1 - Medium
- January 26, 2023
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function.
XSS
XSS in Doctor Appointment Management System v1.0 via Employee ID param
CVE-2022-45729
6.1 - Medium
- January 12, 2023
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter.
XSS
XSS Vulnerability in Doctor Appointment Mgmt Sys v1.0.0
CVE-2022-45728
6.1 - Medium
- January 12, 2023
Doctor Appointment Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for PHPGurukul Doctor Appointment Management System or by PHPGurukul? Click the Watch button to subscribe.
