Vulnerabilities > Oretnom23 > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-01-21 CVE-2021-40247 SQL Injection vulnerability in Oretnom23 Budget and Expense Tracker System 1.0
SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username field.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-01-21 CVE-2021-46309 SQL Injection vulnerability in Oretnom23 Employee and Visitor Gate Pass Logging System 1.0
An SQL Injection vulnerability exists in Sourcecodester Employee and Visitor Gate Pass Logging System 1.0 via the username parameter.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-01-21 CVE-2021-46200 SQL Injection vulnerability in Oretnom23 Simple Music Cloud Community System 1.0
An SQL Injection vulnerability exists in Sourcecodester Simple Music Clour Community System 1.0 via the email parameter in /music/ajax.php.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2021-12-21 CVE-2021-45252 SQL Injection vulnerability in Oretnom23 Simple Forum/Discussion System 1.0
Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are manage_topic.php, manage_user.php, and ajax.php.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2021-12-15 CVE-2021-44653 SQL Injection vulnerability in Oretnom23 Online Magazine Management System 1.0
Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2021-11-15 CVE-2021-42580 SQL Injection vulnerability in Oretnom23 Online Learning System 2.0
Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2021-11-03 CVE-2021-43140 SQL Injection vulnerability in Oretnom23 Simple Subscription Website 1.0
SQL Injection vulnerability exists in Sourcecodester.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8