CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10024 – code-projects Pharmacy Management System manage_medicine_stock.php sql injection
https://notcve.org/view.php?id=CVE-2024-10024
16 Oct 2024 — A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. This issue affects some unknown processing of the file /php/manage_medicine_stock.php. The manipulation of the argument name/packing/generic_name/suppliers_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10023 – code-projects Pharmacy Management System add_new_medicine.php sql injection
https://notcve.org/view.php?id=CVE-2024-10023
16 Oct 2024 — A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. This vulnerability affects unknown code of the file /php/add_new_medicine.php. The manipulation of the argument name/packing/generic_name/suppliers_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10022 – code-projects Pharmacy Management System manage_supplier.php sql injection
https://notcve.org/view.php?id=CVE-2024-10022
16 Oct 2024 — A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_supplier.php?action=search. The manipulation of the argument text leads to sql injection. It is possible to initiate the attack remotely. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10021 – code-projects Pharmacy Management System manage_purchase.php sql injection
https://notcve.org/view.php?id=CVE-2024-10021
16 Oct 2024 — A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /php/manage_purchase.php?action=search&tag=VOUCHER_NUMBER. The manipulation of the argument text leads to sql injection. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9976 – code-projects Pharmacy Management System manage_customer.php sql injection
https://notcve.org/view.php?id=CVE-2024-9976
15 Oct 2024 — A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_customer.php?action=search. The manipulation of the argument text leads to sql injection. It is possible to initiate the attack remotely. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8366 – code-projects Pharmacy Management System Update My Profile Page index.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-8366
31 Aug 2024 — A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?id=userProfileEdit of the component Update My Profile Page. The manipulation of the argument fname/lname/email with the input <script>alert(1)</script> leads to cross site scripting. • https://code-projects.org • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8147 – code-projects Pharmacy Management System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-8147
25 Aug 2024 — A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8146 – code-projects Pharmacy Management System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-8146
25 Aug 2024 — A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8138 – code-projects Pharmacy Management System Parameter index.php editManager sql injection
https://notcve.org/view.php?id=CVE-2024-8138
25 Aug 2024 — A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String leads to sql injection. It is possible to launch the attack remotely. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •