Lucene search
K
PhptpointPharmacy Management System

5 matches found

CVE
CVE
added 2022/08/02 2:54 a.m.75 views

CVE-2022-34954

Pharmacy Management System v1.0 contains a SQL injection vulnerability in invoiceprint.php exposed via the id parameter. Root cause: lack of input validation on external input for the SQL statement. Impact per sources: potential unauthorized access to sensitive data in the database. Exploitation ...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2022/08/02 2:54 a.m.66 views

CVE-2022-34951

The CVE-2022-34951 entry concerns Pharmacy Management System v1.0, where a SQL injection flaw exists in the getsalereport.php endpoint through the startDate parameter. The issue affects the application’s data integrity, confidentiality, and availability (CVSS v3.1 base score 9.8, CRITICAL). Explo...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2022/08/02 2:54 a.m.65 views

CVE-2022-34952

Pharmacy Management System v1.0 contains a SQL injection in the id parameter of edituser.php. The root cause is a lack of input validation for external SQL, enabling arbitrary database queries that could expose or modify data. Impact per sources includes potential access to sensitive data; CVSS d...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2022/08/02 2:54 a.m.58 views

CVE-2022-34953

Pharmacy Management System v1.0 contains a SQL injection in getOrderReport.php via the startDate parameter. The root cause is lack of input validation leading to arbitrary SQL execution, enabling access to sensitive data. Affected product/component: Pharmacy Management System (MPMS) v1.0; vulnera...

9.8CVSS9.8AI score0.00804EPSS
CVE
CVE
added 2018/10/27 7:0 p.m.38 views

CVE-2018-18704

The CVE-2018-18704 entry: PhpTpoint Pharmacy Management System contains a SQL injection in the index.php username parameter. According to CNVD-2019-23084, this can be exploited by a remote attacker to bypass the login page and authenticate as admin or another user. NVD data indicates a high to cr...

9.8CVSS9.6AI score0.01587EPSS