CVE-2026-9564 SourceCodester/oretnom23 Hospitals Patient Records Management System view_patient cross site scripting

A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/viewpatient. Performing a manipulation of the argument Remarks results in cross site scripting. Remote exploitation ...

Exploit for SQL Injection in Oretnom23 Simple_Responsive_Tourism_Website

file /classes/Master.php?f=register of the SQL Injection CVE-...

CVE-2021-41658

Cross Site Scripting XSS in Sourcecodester Student Quarterly Grading System by oretnom23, allows attackers to execute arbitrary code via the fullname and username parameters to the users page...

CVE-2022-31351

Online Car Wash Booking System v1.0 by oretnom23 has SQL injection via /ocwbs/admin/services/manageprice.php?id=...

EUVD-2023-34448

Malicious code in bioql PyPI...

EUVD-2023-34672

Malicious code in bioql PyPI...

CVE-2023-30247

File Upload vulnerability found in Oretnom23 Storage Unit Rental Management System v.1.0 allows a remote attacker to execute arbitrary code via the updatesettings parameter...

CVE-2023-30077

Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/reviewresult.php?maineventid=, maineventid...

CVE-2022-40933

Online Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /petshop/classes/Master.php?f=deleteorder,id...

CVE-2022-30494

In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs...

CVE-2022-30798

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php...

CVE-2021-41659

SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field...

CVE-2025-4806

A vulnerability, which was classified as critical, has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=backorder/viewbo. The manipulation of the argument ID leads to sql injection. The attack may be...

CVE-2025-4283 SourceCodester/oretnom23 Stock Management System Login.php sql injection

A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Login.php?f=login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely...

Online Exam System 访问控制错误漏洞

Online Exam System is an online exam system by oretnom23 individual developers. An access control error vulnerability exists in Online Exam System version 1.0, which stems from improper access control...

Simple Online Bidding System 安全漏洞

Simple Online Bidding System is an online bidding system by oretnom23 individual developer. A security vulnerability exists in Simple Online Bidding System version 1.0, which originates in an unknown section of the file /simple-online-bidding-system/bidding/index.php, where the manipulation of th...

Establishment Billing Management System SQL注入漏洞

Establishment Billing Management System is a billing management system by oretnom23 Individual Developer. An SQL injection vulnerability exists in the Establishment Billing Management System version 1.0, which stems from an incorrect operation of the username parameter that can lead to sql...

Establishment Billing Management System SQL注入漏洞

Establishment Billing Management System is a billing management system by oretnom23 Individual Developer. An SQL injection vulnerability exists in the Establishment Billing Management System version 1.0, which stems from an incorrect manipulation of the parameter id that can lead to sql injection...

CVE-2024-5385

CVE-2024-5385 affects oretnom23 Online Car Wash Booking System 1.0. A cross-site scripting flaw exists in the /admin/?page=user/list endpoint triggered by manipulating the First Name/Last Name field with a script payload. The issue is exploitable remotely and involves user interaction. Documented...

PT-2024-35951 · Unknown · Oretnom23 Online Car Wash Booking System

Name of the Vulnerable Software and Affected Versions: oretnom23 Online Car Wash Booking System version 1.0 Description: A problematic issue has been found in the system, affecting the processing of the file "/admin/?page=user/list". The manipulation of the argument First Name/Last Name with the...