Lucene search
+L
Oretnom23Online Medicine Ordering System

7 matches found

CVE
CVE
added 2024/02/14 12:0 a.m.76 views

CVE-2024-25217

CVE-2024-25217 corresponds to a SQL injection vulnerability in Online Medicine Ordering System v1.0, exploitable through the id parameter in /omos/?p=products/view_product. Connected sources repeatedly confirm the issue is SQL injection with potential for high impact on confidentiality, integrity...

9.8CVSS8.1AI score0.0069EPSS
Web
CVE
CVE
added 2022/10/27 12:0 a.m.67 views

CVE-2022-3714

CVE-2022-3714 affects SourceCodester Online Medicine Ordering System 1.0. The vulnerability is a SQL injection in an unknown function of the file admin/?page=orders/view_order, triggered by manipulating the id parameter, allowing remote exploitation. Documents consistently describe this issue as ...

9.8CVSS6.7AI score0.00381EPSS
Web
CVE
CVE
added 2022/10/27 12:0 a.m.66 views

CVE-2022-3716

CVE-2022-3716 affects SourceCodester Online Medicine Ordering System 1.0. The vulnerability is in the unknown functionality behind /omos/admin/?page=user/list, where manipulation of the First Name/Middle Name/Last Name parameters leads to cross-site scripting. It can be exploited remotely. Docume...

5.4CVSS4.5AI score0.00328EPSS
Web
CVE
CVE
added 2024/06/10 12:0 a.m.64 views

CVE-2024-32167

CVE-2024-32167 involves the Sourcecodester Online Medicine Ordering System 1.0. The vulnerability is an Arbitrary file deletion flaw caused by a backend function intended for deleting pictures, which can be abused to delete arbitrary files. Reported impact aligns with high integrity and availabil...

9.1CVSS6.9AI score0.0067EPSS
CVE
CVE
added 2025/04/03 4:31 a.m.60 views

CVE-2025-3140

CVE-2025-3140 affects SourceCodester Online Medicine Ordering System 1.0. The vulnerability is an SQL injection in the unknown part of the file /view_category.php caused by manipulating the ID parameter. It can be exploited remotely and exploitation has been disclosed publicly. The connected docu...

9.8CVSS7.6AI score0.00498EPSS
CVE
CVE
added 2025/04/03 5:0 a.m.59 views

CVE-2025-3141

CVE-2025-3141 affects SourceCodester Online Medicine Ordering System 1.0. The vulnerability resides in the unknown code path of the file /manage_category.php, where the manipulation of the argument ID leads to an SQL injection. Exploitation is possible remotely and the exploit has been disclosed ...

9.8CVSS7.8AI score0.00498EPSS
CVE
CVE
added 2024/09/30 12:0 a.m.50 views

CVE-2024-46293

The CVE-2024-46293 entry affects Sourcecodester Online Medicine Ordering System 1.0. The root cause is Incorrect Access Control due to a lack of authorization checks for admin operations, allowing an attacker to perform admin-level actions without a valid session token or verification of admin lo...

9.8CVSS7.1AI score0.00421EPSS