21 matches found
EUVD-2018-10421
Malware in sbrugna...
EUVD-2018-10419
Malware in sbrugna...
EUVD-2018-10420
Malware in sbrugna...
PhpTpoint Hospital Management System SQL Injection Vulnerability (CNVD-2019-23086)
PhpTpoint Hospital Management System is a hospital management system developed using PHP language. The system includes functions such as doctor management, patient management and online appointment booking. A SQL injection vulnerability exists in PhpTpoint Hospital Management System, which can be...
PhpTpoint Mailing Server Using File Handling Arbitrary File Read Vulnerability
PhpTpoint Mailing Server Using File Handling is a file system based implementation of the mail server . An arbitrary file read vulnerability exists in PhpTpoint Mailing Server Using File Handling version 1.0, which can be exploited by an attacker to bypass the login page and read sensitive files...
phptpoint Pharmacy Management System 1.0 - username SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: phptpoint Pharmacy Management System 1.0 - 'username' SQL injection Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link:...
phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection
Exploit Title: phptpoint Pharmacy Management System 1.0 - 'username' SQL injection Date: 2018-10-24 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link: https://www.phptpoint.com/pharmacy-management-system/ Version: 1 Tested...
CVE-2018-18704
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter...
CVE-2018-18705
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php...
CVE-2018-18703
PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserverfilesystem/home.php...
Sql injection
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter...
Directory traversal
PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserverfilesystem/home.php...
Sql injection
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php...
CVE-2018-18704
The CVE-2018-18704 entry: PhpTpoint Pharmacy Management System contains a SQL injection in the index.php username parameter. According to CNVD-2019-23084, this can be exploited by a remote attacker to bypass the login page and authenticate as admin or another user. NVD data indicates a high to cr...
CVE-2018-18703
The issue pertains to CVE-2018-18703 affecting PhpTpoint Mailing Server Using File Handling 1.0. Multiple Arbitrary File Read vulnerabilities allow an attacker to read sensitive files on the host via directory traversal, including vectors that bypass the login page (e.g., Mailserver_filesystem/ho...
CVE-2018-18705
PhpTpoint Hospital Management System (PHP) contains multiple SQL injection vulnerabilities reachable via index.php (user parameter in LOGIN.php) and via rno parameters to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php. Exploitation could allow bypassing login to obtain database information or exe...
CVE-2018-18703
PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserverfilesystem/home.php...
CVE-2018-18705
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php...
PHPTPoint Pharmacy Management System 1.0 - username SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title: phptpoint Pharmacy Management System 1.0 - 'username' SQL injection Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link:...
phptpoint Hospital Management System 1.0 - 'user' SQL injection
Exploit Title: phptpoint Hospital Management System 1.0 - 'user' SQL injection Date: 2018-10-24 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link: Version: 1 Tested on: WAMP windows 10 x64 CVE: unknown Description: Phptpoin...