CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10024 – code-projects Pharmacy Management System manage_medicine_stock.php sql injection
https://notcve.org/view.php?id=CVE-2024-10024
A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. This issue affects some unknown processing of the file /php/manage_medicine_stock.php. The manipulation of the argument name/packing/generic_name/suppliers_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://gist.github.com/higordiego/b0083f7f12dee245c2fbe7102e31d9a4 https://vuldb.com/?ctiid.280559 https://vuldb.com/?id.280559 https://vuldb.com/?submit.424529 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10023 – code-projects Pharmacy Management System add_new_medicine.php sql injection
https://notcve.org/view.php?id=CVE-2024-10023
A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. This vulnerability affects unknown code of the file /php/add_new_medicine.php. The manipulation of the argument name/packing/generic_name/suppliers_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://gist.github.com/higordiego/01a35a20a4e20e937d384b677c000921 https://vuldb.com/?ctiid.280558 https://vuldb.com/?id.280558 https://vuldb.com/?submit.424483 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10022 – code-projects Pharmacy Management System manage_supplier.php sql injection
https://notcve.org/view.php?id=CVE-2024-10022
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_supplier.php?action=search. The manipulation of the argument text leads to sql injection. It is possible to initiate the attack remotely. • https://code-projects.org https://gist.github.com/higordiego/2bd0a94e480906a60ce83b8a4ec26957 https://vuldb.com/?ctiid.280557 https://vuldb.com/?id.280557 https://vuldb.com/?submit.424337 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10021 – code-projects Pharmacy Management System manage_purchase.php sql injection
https://notcve.org/view.php?id=CVE-2024-10021
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /php/manage_purchase.php?action=search&tag=VOUCHER_NUMBER. The manipulation of the argument text leads to sql injection. • https://code-projects.org https://gist.github.com/higordiego/439f2af836c2c7d6075ba9de2e1169da https://vuldb.com/?ctiid.280556 https://vuldb.com/?id.280556 https://vuldb.com/?submit.424334 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9986 – code-projects Blood Bank Management System member_register.php sql injection
https://notcve.org/view.php?id=CVE-2024-9986
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file member_register.php. The manipulation of the argument fullname/username/password/email leads to sql injection. The attack may be initiated remotely. • https://code-projects.org https://github.com/Lanxiy7th/lx_CVE_report-/issues/16 https://vuldb.com/?ctiid.280349 https://vuldb.com/?id.280349 https://vuldb.com/?submit.423887 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •