30 matches found
EUVD-2025-9573
Malicious code in bioql PyPI...
CVE-2024-28303
Open Source Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the date parameter at /admin/reports/index.php...
CVE-2024-25217
Online Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /omos/?p=products/viewproduct...
CVE-2022-3714
A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/vieworder. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-2123...
CVE-2025-3141
A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /managecategory.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-3140
A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /viewcategory.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2025-3141 SourceCodester Online Medicine Ordering System manage_category.php sql injection
A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /managecategory.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-3140 SourceCodester Online Medicine Ordering System view_category.php sql injection
A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /viewcategory.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit...
PT-2025-14578 · Unknown · Sourcecodester Online Medicine Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Medicine Ordering System version 1.0 Description: A critical vulnerability was found in the SourceCodester Online Medicine Ordering System. This issue affects unknown code in the file /manage category.php. The manipulati...
CVE-2024-46293
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether t...
Online Medicine Ordering System 1.0 Insecure Settings
==================================================================================================================================== | Title : Online Medicine Ordering System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
CVE-2024-32167
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files...
CVE-2024-32167
CVE-2024-32167 involves the Sourcecodester Online Medicine Ordering System 1.0. The vulnerability is an Arbitrary file deletion flaw caused by a backend function intended for deleting pictures, which can be abused to delete arbitrary files. Reported impact aligns with high integrity and availabil...
CVE-2024-32167
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files...
CVE-2024-32167
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files...
PT-2024-22386 · Unknown · Open Source Medicine Ordering System
Name of the Vulnerable Software and Affected Versions: Open Source Medicine Ordering System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the date parameter at the "/admin/reports/index.php" API endpoint. Recommendations: F...
CVE-2024-28303
Open Source Medicine Ordering System v1.0 is vulnerable to a SQL injection via the date parameter in /admin/reports/index.php. Affected component: the web application’s reports endpoint. Root cause (as described): unsafely interpolating user-supplied date input into SQL queries leading to potenti...
Online Medicine Ordering System SQL Injection Vulnerability
Online Medicine Ordering System is an online medicine ordering system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in Online Medicine Ordering System v1.0, which is caused by a SQL injection vulnerability in the date parameter of /admin/reports/index.php...
CVE-2024-25217
Online Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /omos/?p=products/viewproduct...
CVE-2024-25217
Online Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /omos/?p=products/viewproduct...