Lucene search
K

124 matches found

OSV
OSV
added 2022/06/02 2:15 p.m.3 views

CVE-2022-30799

Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php...

7.2CVSS5.8AI score0.00958EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.4 views

CVE-2022-30798

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php...

7.2CVSS5.9AI score0.00958EPSS
Exploits1References2
OSV
OSV
added 2022/06/02 2:15 p.m.4 views

CVE-2022-30794

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php...

7.2CVSS7.1AI score0.00795EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.3 views

CVE-2022-30423

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution RCE vulnerability in the user profile upload point in the system information...

9.8CVSS7.9AI score0.01701EPSS
Exploits1References2
OSV
OSV
added 2022/06/02 2:15 p.m.4 views

CVE-2022-30423

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution RCE vulnerability in the user profile upload point in the system information...

9.8CVSS6.3AI score0.01701EPSS
Exploits1References1
Prion
Prion
added 2022/06/02 2:15 p.m.18 views

Sql injection

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php...

6.5CVSS7.3AI score0.00795EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/06/02 2:15 p.m.17 views

Sql injection

Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php...

6.5CVSS7.4AI score0.00958EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/06/02 2:15 p.m.13 views

Sql injection

Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php...

7.5CVSS9.8AI score0.01081EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/06/01 1:28 p.m.14 views

CVE-2022-31352

Online Car Wash Booking System v1.0 by oretnom23 has SQL injection in /ocwbs/admin/services/manageservice.php?id=...

10AI score0.01081EPSS
Exploits1References1
CVE
CVE
added 2022/05/31 3:11 p.m.78 views

CVE-2022-30797

CVE-2022-30797 affects Online Ordering System 1.0 (admin/vieworders.php) and is caused by an SQL injection vulnerability. Affected component is the web application's admin view orders interface; the root cause is improper input handling/validation on that page. Documented impact includes potentia...

9.8CVSS9.8AI score0.01081EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/31 3:6 p.m.18 views

CVE-2022-30794

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php...

7.6AI score0.00795EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/03/17 12:0 a.m.6 views

Attendance and Payroll System 安全漏洞

Attendance and Payroll System is an attendance and payroll system using PHP/MySQLi source code by oretnom23 individual developers. sourcecodester Attendance and Payroll System is vulnerable to remote code execution, which can be exploited by attackers to upload maliciously crafted PHP...

9.8CVSS6AI score0.03825EPSS
Exploits1References4
Prion
Prion
added 2022/01/24 7:15 p.m.14 views

Cross site scripting

Cross Site Scripting XSS in Sourcecodester Try My Recipe Recipe Sharing Website - CMS by oretnom23, allows attackers to gain the PHPSESID or other unspecified impacts via the fullname parameter to the loginregistration page...

4.3CVSS6.2AI score0.00725EPSS
Exploits1References1
Prion
Prion
added 2022/01/24 7:15 p.m.15 views

Cross site scripting

Cross site scripting XSS vulnerability in Sourcecodester Online Covid Vaccination Scheduler System v1 by oretnom23, allows attackers to execute arbitrary code via the lid parameter to /scheduler/addSchedule.php...

4.3CVSS6.3AI score0.01008EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/01/24 6:53 p.m.72 views

CVE-2021-43420

CVE-2021-43420 affects Sourcecodester Online Payment Hub v1 (Login.php) by oretnom23. A SQL injection is possible via the username parameter, caused by insufficient input handling (no filtering/escaping of SQL data). Reported as a high/critical issue in CVSS metrics (NVD): CVSS 2.0 base score 7.5...

9.8CVSS9.9AI score0.01289EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/24 6:53 p.m.21 views

CVE-2021-43420

SQL injection vulnerability in Login.php in Sourcecodester Online Payment Hub v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter...

10AI score0.01289EPSS
Exploits1References1
CVE
CVE
added 2022/01/24 6:17 p.m.54 views

CVE-2021-42168

CVE-2021-42168 affects Sourcecodester Try My Recipe (a Recipe Sharing Website CMS). The vulnerability is a Cross Site Scripting (XSS) flaw in the fullname parameter of the login_registration page, caused by insufficient input filtering/escaping. The issue can enable an attacker to obtain the PHPS...

6.1CVSS6.2AI score0.00725EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2022/01/24 6:15 p.m.12 views

CVE-2021-41660

SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php...

9.8CVSS0.01254EPSS
Exploits1References1
NVD
NVD
added 2022/01/24 6:15 p.m.26 views

CVE-2021-41659

SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field...

9.8CVSS0.01254EPSS
Exploits1References1
Prion
Prion
added 2022/01/24 6:15 p.m.13 views

Sql injection

SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php...

7.5CVSS10AI score0.01254EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder