Vulnerabilities > Oretnom23
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-06 | CVE-2023-24198 | SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0 Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw parameters. | 9.8 |
| 2023-02-06 | CVE-2023-24199 | SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0 Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at delete_ticket.php. | 9.8 |
| 2023-02-06 | CVE-2023-24200 | SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0 Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at save_ticket.php. | 9.8 |
| 2023-02-06 | CVE-2023-24201 | SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0 Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php. | 9.8 |
| 2023-02-06 | CVE-2023-24202 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Raffle Draw System 1.0 Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php. | 9.8 |
| 2022-12-15 | CVE-2022-45033 | Cross-site Scripting vulnerability in Oretnom23 Expense Tracker 1.0 A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field. | 5.4 |
| 2022-12-03 | CVE-2022-4278 | SQL Injection vulnerability in Oretnom23 Human Resource Management System 1.0 A vulnerability was found in SourceCodester Human Resource Management System 1.0. | 7.2 |
| 2022-12-03 | CVE-2022-4279 | Cross-site Scripting vulnerability in Oretnom23 Human Resource Management System 1.0 A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. | 6.1 |
| 2022-12-03 | CVE-2022-4273 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Human Resource Management System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. | 9.8 |
| 2022-11-25 | CVE-2022-45218 | Cross-site Scripting vulnerability in Oretnom23 Human Resource Management System 1.0 Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. | 6.1 |