Vulnerabilities > Oretnom23 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-06 | CVE-2022-42243 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=. | 7.2 |
| 2022-10-06 | CVE-2022-42249 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=. | 7.2 |
| 2022-10-06 | CVE-2022-42250 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/view_details.php?id=. | 7.2 |
| 2022-10-06 | CVE-2022-42241 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message. | 7.2 |
| 2022-09-02 | CVE-2022-36754 | SQL Injection vulnerability in Oretnom23 Expense Management System 1.0 Expense Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Home/debit_credit_p. | 7.2 |
| 2022-07-12 | CVE-2022-2297 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Clinic'S Patient Management System 2.0 A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. | 8.8 |
| 2021-10-29 | CVE-2021-41645 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Budget and Expense Tracker System 1.0 Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. | 8.8 |