Vulnerabilities > Oretnom23 > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-09-02 CVE-2022-36609 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-08-16 CVE-2022-36242 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine.php?id=.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-08-10 CVE-2022-36270 Unspecified vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Clinic's Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php.
network
low complexity
oretnom23
critical
 9.8
9.8
2022-08-10 CVE-2022-36750 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Clinic's Patient Management System v1.0 is vulnerable to SQL injection via /pms/update_user.php?id=.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-07-12 CVE-2022-2298 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 2.0
A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-01-28 CVE-2021-45435 SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-01-24 CVE-2021-40596 SQL Injection vulnerability in Oretnom23 Online Learning System 2.0
SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the faculty_id parameter.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-01-21 CVE-2021-40247 SQL Injection vulnerability in Oretnom23 Budget and Expense Tracker System 1.0
SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username field.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-01-21 CVE-2021-46309 SQL Injection vulnerability in Oretnom23 Employee and Visitor Gate Pass Logging System 1.0
An SQL Injection vulnerability exists in Sourcecodester Employee and Visitor Gate Pass Logging System 1.0 via the username parameter.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-01-21 CVE-2021-46200 SQL Injection vulnerability in Oretnom23 Simple Music Cloud Community System 1.0
An SQL Injection vulnerability exists in Sourcecodester Simple Music Clour Community System 1.0 via the email parameter in /music/ajax.php.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8