Lucene search
+L

8 matches found

OSV
OSV
added 2025/04/03 5:15 a.m.5 views

CVE-2025-3141

A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /managecategory.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit...

9.8CVSS6.5AI score0.00498EPSS
Exploits1References5
OSV
OSV
added 2024/09/30 3:15 p.m.4 views

CVE-2024-46293

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether t...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/30 12:0 a.m.22 views

CVE-2024-46293

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether t...

0.00421EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/10 12:0 a.m.32 views

CVE-2024-32167

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files...

0.0067EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/06/10 12:0 a.m.14 views

CVE-2024-32167

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files...

6.8AI score0.0067EPSS
Exploits1References1
NVD
NVD
added 2022/10/27 10:15 a.m.15 views

CVE-2022-3716

A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site...

5.4CVSS0.00328EPSS
Exploits0References1
NVD
NVD
added 2022/10/27 10:15 a.m.10 views

CVE-2022-3714

A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/vieworder. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-2123...

9.8CVSS0.00381EPSS
Exploits0References1
Prion
Prion
added 2022/10/27 10:15 a.m.20 views

Cross site scripting

A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site...

4.9CVSS5.3AI score0.00328EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder