Vulnerabilities > Oretnom23 > Raffle Draw System

DATE CVE VULNERABILITY TITLE RISK
2023-02-06 CVE-2023-24198 SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0
Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw parameters.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2023-02-06 CVE-2023-24199 SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at delete_ticket.php.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2023-02-06 CVE-2023-24200 SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at save_ticket.php.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2023-02-06 CVE-2023-24201 SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2023-02-06 CVE-2023-24202 Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Raffle Draw System 1.0
Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php.
network
low complexity
oretnom23 CWE-434
critical
 9.8
9.8