Vulnerabilities > Oretnom23 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-03 | CVE-2022-4278 | SQL Injection vulnerability in Oretnom23 Human Resource Management System 1.0 A vulnerability was found in SourceCodester Human Resource Management System 1.0. | 7.2 |
| 2022-11-07 | CVE-2022-42990 | SQL Injection vulnerability in Oretnom23 Food Ordering Management System 1.0 Food Ordering Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /foms/all-orders.php?status=Cancelled%20by%20Customer. | 7.2 |
| 2022-11-07 | CVE-2022-43318 | SQL Injection vulnerability in Oretnom23 Human Resource Management System 1.0 Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the stateedit parameter at /hrm/state.php. | 8.8 |
| 2022-10-17 | CVE-2022-3549 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. | 7.2 |
| 2022-10-14 | CVE-2022-42232 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage. | 7.2 |
| 2022-10-14 | CVE-2022-42070 | Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 Online Birth Certificate Management System 1.0 Online Birth Certificate Management System version 1.0 is vulnerable to Cross Site Request Forgery (CSRF). | 8.8 |
| 2022-10-14 | CVE-2022-3496 | Unspecified vulnerability in Oretnom23 Human Resource Management System 1.0 A vulnerability was found in SourceCodester Human Resource Management System 1.0 and classified as critical. | 8.8 |
| 2022-10-13 | CVE-2022-3492 | OS Command Injection vulnerability in Oretnom23 Human Resource Management System 1.0 A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. | 8.8 |
| 2022-10-06 | CVE-2022-42242 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking. | 7.2 |
| 2022-10-06 | CVE-2022-42243 | SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0 Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=. | 7.2 |