Vulnerabilities > Oretnom23

DATE CVE VULNERABILITY TITLE RISK
2022-11-16 CVE-2022-43262 SQL Injection vulnerability in Oretnom23 Human Resource Management System 1.0
Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /hrm/controller/login.php.
network
low complexity
oretnom23 CWE-89
critical
9.8
2022-11-07 CVE-2022-43046 Cross-site Scripting vulnerability in Oretnom23 Food Ordering Management System 1.0
Food Ordering Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /foms/place-order.php.
network
low complexity
oretnom23 CWE-79
4.8
2022-11-07 CVE-2022-42990 SQL Injection vulnerability in Oretnom23 Food Ordering Management System 1.0
Food Ordering Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /foms/all-orders.php?status=Cancelled%20by%20Customer.
network
low complexity
oretnom23 CWE-89
7.2
2022-11-07 CVE-2022-43317 Cross-site Scripting vulnerability in Oretnom23 Human Resource Management System 1.0
A cross-site scripting (XSS) vulnerability in /hrm/index.php?msg of Human Resource Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
network
low complexity
oretnom23 CWE-79
6.1
2022-11-07 CVE-2022-43318 SQL Injection vulnerability in Oretnom23 Human Resource Management System 1.0
Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the stateedit parameter at /hrm/state.php.
network
low complexity
oretnom23 CWE-89
8.8
2022-10-31 CVE-2022-40471 Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php
network
low complexity
oretnom23 CWE-434
critical
9.8
2022-10-27 CVE-2022-3714 SQL Injection vulnerability in Oretnom23 Online Medicine Ordering System 1.0
A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0.
network
low complexity
oretnom23 CWE-89
critical
9.8
2022-10-27 CVE-2022-3716 Cross-site Scripting vulnerability in Oretnom23 Online Medicine Ordering System 1.0
A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0.
network
low complexity
oretnom23 CWE-79
5.4
2022-10-18 CVE-2022-3587 Cross-site Scripting vulnerability in Oretnom23 Simple Cold Storage Management System 1.0
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0.
network
low complexity
oretnom23 CWE-79
5.4
2022-10-18 CVE-2022-3579 SQL Injection vulnerability in Oretnom23 Cashier Queuing System 1.0
A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0.
network
low complexity
oretnom23 CWE-89
critical
9.8