Mojoomla Hospital Management System vulnerabilities
6 known vulnerabilities affecting mojoomla/hospital_management_system.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH3
Vulnerabilities
Page 1 of 1
CVE-2025-39380P2CRITICALCVSS 10.0≤ 47.0(20-11-2023)2025-05-19
CVE-2025-39380 [CRITICAL] CWE-434 CVE-2025-39380: Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System hospital-management allows Upload a Web Shell to a Web Server.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023).
nvd
CVE-2025-47663P2CRITICALCVSS 9.9≥ 47.0(20, ≤ 112025-05-23
CVE-2025-47663 [CRITICAL] CWE-434 CVE-2025-47663: Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server. This issue affects Hospital Management System: from 47.0(20 through 11.
nvd
CVE-2025-39386P2CRITICALCVSS 9.3≤ 47.0(20-11-2023)2025-05-19
CVE-2025-39386 [CRITICAL] CWE-89 CVE-2025-39386: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla Hospital Management System hospital-management allows SQL Injection.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023).
nvd
CVE-2025-47631P3HIGHCVSS 8.8≥ 47.0(20, ≤ 112025-05-23
CVE-2025-47631 [HIGH] CWE-266 CVE-2025-47631: Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11.
nvd
CVE-2025-39357P3HIGHCVSS 8.5≤ 47.0(20-11-2023)2025-05-19
CVE-2025-39357 [HIGH] CWE-89 CVE-2025-39357: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla Hospital Management System hospital-management allows SQL Injection.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023).
nvd
CVE-2025-39393P4HIGHCVSS 7.1≤ 47.0(20-11-2023)2025-05-19
CVE-2025-39393 [HIGH] CWE-79 CVE-2025-39393: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla Hospital Management System hospital-management allows Reflected XSS.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023).
nvd