Lucene search
K

6 matches found

OSV
OSV
added 2025/06/16 9:15 a.m.4 views

CVE-2025-40728

SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customersupport/manageuser.php endpoint...

8.8CVSS5.8AI score0.00419EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/09 12:0 a.m.10 views

PT-2023-21003 · Unknown · Best Pos Management System

Name of the Vulnerable Software and Affected Versions: Best POS Management System version 1.0 Description: The issue is a SQL injection vulnerability that can be exploited via the id parameter at the "/kruxton/manage user.php" API endpoint. This allows for potential unauthorized access to sensiti...

9.8CVSS9.3AI score0.00788EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/01/13 12:0 a.m.7 views

PT-2023-15117 · Unknown · Dynamic Transaction Queuing System

Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/admin/manage user.php" API endpoint. Recommendations: For...

7.2CVSS7.1AI score0.00804EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/06/14 12:0 a.m.3 views

Patient Records Management System SQL注入漏洞

Sourcecodester Hospital Patient Records Management System is a Web-based application that provides hospitals with an automated platform to store and manage their patient records. Management System is vulnerable to SQL injection, which originates from /hprms/admin/?page=user/manageuser&id= page...

7.2CVSS6AI score0.00909EPSS
Exploits1References2
OSV
OSV
added 2022/01/24 2:15 p.m.5 views

CVE-2022-22296

Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manageuser endpoint. Simply change the value and data of other users can be displayed...

5.3CVSS6.1AI score0.00989EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/01/24 2:15 p.m.7 views

CVE-2022-22296

Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manageuser endpoint. Simply change the value and data of other users can be displayed...

5.3CVSS6AI score0.00989EPSS
Exploits0References2
Rows per page
Query Builder