31 matches found
CVE-2026-30576
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
CVE-2026-30576
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
CVE-2026-30576
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
CVE-2026-30576
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
SourceCodester Pharmacy Product Management System 安全漏洞
SourceCodester Pharmacy Product Management System is an open-source drug management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Product Management System contains a security vulnerability. This vulnerability arises from the add-stock.php file, which does not...
CVE-2026-30576
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
CVE-2025-69216
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an authenticated SQL injection vulnerability in OpenSTAManager's Scadenzario Payment Schedule print template allows any authenticated user to extract sensitive data from the database...
CVE-2025-69216
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an authenticated SQL injection vulnerability in OpenSTAManager's Scadenzario Payment Schedule print template allows any authenticated user to extract sensitive data from the database...
CVE-2025-69216 OpenSTAManager has an SQL Injection in Scadenzario Print Template
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an authenticated SQL injection vulnerability in OpenSTAManager's Scadenzario Payment Schedule print template allows any authenticated user to extract sensitive data from the database...
CVE-2025-69216
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an authenticated SQL injection vulnerability in OpenSTAManager's Scadenzario Payment Schedule print template allows any authenticated user to extract sensitive data from the database...
EUVD-2025-206886
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an authenticated SQL injection vulnerability in OpenSTAManager's Scadenzario Payment Schedule print template allows any authenticated user to extract sensitive data from the database...
CVE-2025-69216 OpenSTAManager has an SQL Injection in Scadenzario Print Template
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an authenticated SQL injection vulnerability in OpenSTAManager's Scadenzario Payment Schedule print template allows any authenticated user to extract sensitive data from the database...
SQL Injection
Overview devcode-it/openstamanager is a management software for technical assistance and electronic invoicing Affected versions of this package are vulnerable to SQL Injection via the idanagrafica parameter in the init.php file. An attacker can extract sensitive database information, including...
GHSA-Q6G3-FV43-M2W6 OpenSTAManager has a SQL Injection in Scadenzario Print Template
Summary An authenticated SQL Injection vulnerability in OpenSTAManager's Scadenzario Payment Schedule print template allows any authenticated user to extract sensitive data from the database, including admin credentials, customer information, and financial records. The vulnerability enables...
PT-2026-6769
Name of the Vulnerable Software and Affected Versions OpenSTAManager versions 2.9.8 and earlier Description OpenSTAManager is susceptible to an authenticated SQL injection issue within the Scadenzario Payment Schedule print template. Any authenticated user can exploit this to extract sensitive da...
CVE-2025-61148
An Insecure Direct Object Reference IDOR vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'recno' parameter in the /student/get-receipt endpoint...
EduplusCampus 安全漏洞
EduplusCampus is a school management system from EduplusCampus India. A security vulnerability exists in EduplusCampus version 3.0.1, which stems from the presence of an insecure direct object reference in the Student Payment API that could lead to unauthorized access to personal and financial...
EUVD-2020-23575
Malware in sbrugna...
Best Methods for Storing, Protecting Digital Company Files: Secure Strategies for Data Safety
By Waqas With businesses continuing to generate a vast amount of data, from financial records to client information, understanding the… This is a post from HackRead.com Read the original post: Best Methods for Storing, Protecting Digital Company Files: Secure Strategies for Data Safety...
American College of Pediatricians Leak Exposes 10,000 Confidential Files
A Google Drive left public on the American College of Pediatricians’ website exposed detailed financial records, sensitive member details, and more...