Vulnerabilities > Oretnom23 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-28 | CVE-2021-41434 | Cross-site Scripting vulnerability in Oretnom23 Expense Management System 1.0 A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php. | 5.4 |
| 2022-09-12 | CVE-2022-37796 | Cross-site Scripting vulnerability in Oretnom23 Simple Online Book Store System 1.0 In Simple Online Book Store System 1.0 in /admin_book.php the Title, Author, and Description parameters are vulnerable to Cross Site Scripting(XSS). | 5.4 |
| 2022-08-22 | CVE-2022-36251 | Cross-site Scripting vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php. | 6.1 |
| 2022-08-17 | CVE-2022-35117 | Cross-site Scripting vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 Clinic's Patient Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via update_medicine_details.php. | 4.8 |