Vulnerabilities > Phptpoint

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-29	CVE-2018-18705	SQL Injection vulnerability in PHPtpoint Hospital Management System 1.0 PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php. network low complexity phptpoint CWE-89	7.5
2018-10-29	CVE-2018-18704	SQL Injection vulnerability in PHPtpoint Pharmacy Management System 1.0 PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter. network low complexity phptpoint CWE-89	7.5
2018-10-29	CVE-2018-18703	Path Traversal vulnerability in PHPtpoint Mailing Server Using File Handling 1.0 PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter. network low complexity phptpoint CWE-22	5.0

Vulnerabilities > Phptpoint {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phptpoint"}]}