Lucene search
+L
Pharmacy Management System ProjectPharmacy Management System

13 matches found

CVE
CVE
added 2023/05/16 12:0 a.m.137 views

CVE-2023-31519

CVE-2023-31519 affects Pharmacy Management System v1.0. The Red Hat, CNVD/CNNVD, NVD entries describe a SQL injection vulnerability in login_core.php exposed via the email parameter, arising from lack of validation of externally entered SQL statements. This can allow an attacker to execute arbitr...

9.8CVSS9.8AI score0.0085EPSS
CVE
CVE
added 2024/08/25 8:0 a.m.112 views

CVE-2024-8146

The CVE-2024-8146 entry concerns code-projects Pharmacy Management System 1.0. The vulnerability is a SQL injection in the endpoint /index.php?action=editSalesman, triggered by manipulating the id parameter. A remote attacker can exploit it, and public disclosures exist. Exploit details and advis...

9.8CVSS6.9AI score0.0058EPSS
CVE
CVE
added 2024/08/25 9:0 a.m.105 views

CVE-2024-8147

The CVE-2024-8147 entry concerns the code-projects Pharmacy Management System version 1.0. The vulnerability arises in the handling of the parameter id in the endpoint "/index.php?action=editPharmacist", where unsanitized input leads to SQL injection . This can be exploited remotely and is classi...

8.8CVSS6.9AI score0.00611EPSS
CVE
CVE
added 2022/08/02 2:54 a.m.88 views

CVE-2022-34950

CVE-2022-34950 : Multiple sources describe a SQL injection vulnerability in Pharmacy Management System v1.0, exposed via the id parameter of editproduct.php. The root cause is lack of validation of external input in the SQL statement, enabling an attacker to execute arbitrary SQL commands and pot...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2022/08/02 2:54 a.m.87 views

CVE-2022-34947

CVE-2022-34947 affects Pharmacy Management System v1.0. A SQL injection vulnerability arises from unsanitized input on the id parameter in editcategory.php, enabling arbitrary SQL on the database. Root cause: lack of validation/external input handling for the id field. Impact is described as high...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2022/08/02 2:54 a.m.86 views

CVE-2022-34945

Pharmacy Management System v1.0 contains a SQL injection vulnerability in getproductreport.php via the startDate parameter. The issue stems from unsanitized external input in the SQL query, enabling an attacker to potentially execute arbitrary SQL and exfiltrate data. Public references describe i...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2022/05/20 12:53 p.m.79 views

CVE-2022-30887

Pharmacy Management System v1.0 contains a remote code execution (RCE) via /php_action/editProductImage.php when handling a crafted image file. Affected component is the editProductImage.php upload logic, enabling arbitrary code execution on the server. The issue is evidenced by related Red Hat/C...

9.8CVSS9.8AI score0.26121EPSS
Web
CVE
CVE
added 2022/08/02 2:54 a.m.74 views

CVE-2022-34946

CVE-2022-34946 affects Pharmacy Management System v1.0. The vulnerability is a SQL injection via the startDate parameter in getexpproduct.php, caused by lack of input validation. The exploit could allow unauthorized access to or manipulation of the database (per NVD metrics: CVSSv3.1 base score 9...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2022/08/02 2:54 a.m.74 views

CVE-2022-34948

CVE-2022-34948 affects Pharmacy Management System v1.0. The vulnerability is a SQL injection in the id parameter of editbrand.php, arising from lack of input validation/unsafe SQL construction. Impacts include potential extraction or manipulation of database data (high confidentiality and integri...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2022/08/02 2:54 a.m.72 views

CVE-2022-34949

CVE-2022-34949 affects Pharmacy Management System v1.0. Multiple SQL injection vulnerabilities exist in login.php via the email and password parameters, caused by lack of validation of externally entered SQL statements. Impact stated across sources includes potential theft of sensitive data. No e...

9.8CVSS10AI score0.00804EPSS
CVE
CVE
added 2023/08/06 1:31 p.m.64 views

CVE-2023-4186

SourceCodester Pharmacy Management System 1.0 is affected by CVE-2023-4186 via an issue in the file manage_website.php that allows unrestricted uploads. This vulnerability can be triggered remotely and has been publicly disclosed; NVD CVSS v3.1 base score 9.8 (CRITICAL), with impact on confidenti...

9.8CVSS7.2AI score0.00915EPSS
CVE
CVE
added 2023/02/19 8:19 a.m.54 views

CVE-2023-0918

CVE-2023-0918 affects codeprojects Pharmacy Management System 1.0, specifically the Avatar Image Handler’s add.php. The issue is unrestricted file upload due to missing validation, enabling remote code execution via uploaded files. Several sources confirm public exploitation and a high-impact pro...

9.8CVSS8.1AI score0.0072EPSS
CVE
CVE
added 2024/08/25 12:0 a.m.53 views

CVE-2024-8138

The CVE-2024-8138 entry concerns code-projects Pharmacy Management System 1.0. The vulnerable component is the function editManager in /index.php?action=editManager (Parameter Handler). The issue arises from manipulating the id argument as part of a string, leading to SQL injection. Remote exploi...

9.8CVSS6.8AI score0.0058EPSS