411 matches found
EUVD-2026-39561
Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...
EUVD-2025-210254
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme = 1.2.2 versions...
CVE-2026-10244
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...
CVE-2026-10246
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...
CVE-2026-10246
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...
CVE-2026-10246
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...
CVE-2026-10246 SourceCodester Pharmacy Sales and Inventory System main create_medicine_presentation cross site scripting
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...
EUVD-2026-33620
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...
CVE-2026-10246 SourceCodester Pharmacy Sales and Inventory System main create_medicine_presentation cross site scripting
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...
CVE-2026-10246
CVE-2026-10246 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability is in the create_medicine_presentation function of the file /ShowForm/create_medicine_presentation/main, where manipulation of the medicine_presentation argument yields cross-site scripting. The issue...
CVE-2026-10244 SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...
CVE-2026-10244 SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...
CVE-2026-10244
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...
CVE-2026-10244
Technical details about CVE-2026-10244 are not publicly available in the provided documents. The description mentions an XSS in SourceCodester Pharmacy Sales and Inventory System 1.0 but provides no further specifics or remediation here. Monitor for updates.
PT-2026-45390
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function create medicine name of the file /ShowForm/create medicine name/main. Performing a manipulation of the argument medicine name results in cross site scripting. The...
SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability stems from improper...
SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability arises from improper...
PT-2026-45392
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function create medicine presentation of the file /ShowForm/create medicine presentation/main. The manipulation of the argument medicine presentation leads to cross site scripting. The attac...
CVE-2021-31327
Stored XSS in Remote Clinic v2.0 in /medicines due to Medicine Name Field...
EUVD-2025-203849
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.The function grayscaleconvert is called base...