Vulnerabilities > Oretnom23
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-06 | CVE-2022-42249 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=. | 7.2 |
2022-10-06 | CVE-2022-42250 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/view_details.php?id=. | 7.2 |
2022-10-06 | CVE-2022-42241 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message. | 7.2 |
2022-09-28 | CVE-2021-41434 | Cross-site Scripting vulnerability in Oretnom23 Expense Management System 1.0 A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php. | 5.4 |
2022-09-12 | CVE-2022-37796 | Cross-site Scripting vulnerability in Oretnom23 Simple Online Book Store System 1.0 In Simple Online Book Store System 1.0 in /admin_book.php the Title, Author, and Description parameters are vulnerable to Cross Site Scripting(XSS). | 5.4 |
2022-09-05 | CVE-2022-3122 | SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. | 9.8 |
2022-09-05 | CVE-2022-3120 | Unspecified vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System. | 9.8 |
2022-09-02 | CVE-2022-36754 | SQL Injection vulnerability in Oretnom23 Expense Management System 1.0 Expense Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Home/debit_credit_p. | 7.2 |
2022-09-02 | CVE-2022-36609 | SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php. | 9.8 |
2022-08-22 | CVE-2022-36251 | Cross-site Scripting vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php. | 6.1 |