6 matches found
CVE-2025-40728
SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customersupport/manageuser.php endpoint...
PT-2023-21003 · Unknown · Best Pos Management System
Name of the Vulnerable Software and Affected Versions: Best POS Management System version 1.0 Description: The issue is a SQL injection vulnerability that can be exploited via the id parameter at the "/kruxton/manage user.php" API endpoint. This allows for potential unauthorized access to sensiti...
PT-2023-15117 · Unknown · Dynamic Transaction Queuing System
Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/admin/manage user.php" API endpoint. Recommendations: For...
Patient Records Management System SQL注入漏洞
Sourcecodester Hospital Patient Records Management System is a Web-based application that provides hospitals with an automated platform to store and manage their patient records. Management System is vulnerable to SQL injection, which originates from /hprms/admin/?page=user/manageuser&id= page...
CVE-2022-22296
Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manageuser endpoint. Simply change the value and data of other users can be displayed...
CVE-2022-22296
Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manageuser endpoint. Simply change the value and data of other users can be displayed...