Pharmacy Management System Security Vulnerabilities

CVE-2018-18704

PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.

CVE-2022-34951

Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php.

CVE-2022-34952

Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php.

CVE-2022-34953

Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php.

CVE-2022-34954

Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php.