Vulnerabilities > Oretnom23

DATE CVE VULNERABILITY TITLE RISK
2022-10-06 CVE-2022-42249 SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=.
network
low complexity
oretnom23 CWE-89
7.2
2022-10-06 CVE-2022-42250 SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/view_details.php?id=.
network
low complexity
oretnom23 CWE-89
7.2
2022-10-06 CVE-2022-42241 SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message.
network
low complexity
oretnom23 CWE-89
7.2
2022-09-28 CVE-2021-41434 Cross-site Scripting vulnerability in Oretnom23 Expense Management System 1.0
A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php.
network
low complexity
oretnom23 CWE-79
5.4
2022-09-12 CVE-2022-37796 Cross-site Scripting vulnerability in Oretnom23 Simple Online Book Store System 1.0
In Simple Online Book Store System 1.0 in /admin_book.php the Title, Author, and Description parameters are vulnerable to Cross Site Scripting(XSS).
network
low complexity
oretnom23 CWE-79
5.4
2022-09-05 CVE-2022-3122 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0.
network
low complexity
oretnom23 CWE-89
critical
9.8
2022-09-05 CVE-2022-3120 Unspecified vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System.
network
low complexity
oretnom23
critical
9.8
2022-09-02 CVE-2022-36754 SQL Injection vulnerability in Oretnom23 Expense Management System 1.0
Expense Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Home/debit_credit_p.
network
low complexity
oretnom23 CWE-89
7.2
2022-09-02 CVE-2022-36609 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php.
network
low complexity
oretnom23 CWE-89
critical
9.8
2022-08-22 CVE-2022-36251 Cross-site Scripting vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php.
network
low complexity
oretnom23 CWE-79
6.1