CVE-2024-10139 – code-projects Pharmacy Management System add_new_supplier.php sql injection
https://notcve.org/view.php?id=CVE-2024-10139
A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add_new_supplier.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://gist.github.com/higordiego/155be99b5314d97b276a7b30b9e6dec0 https://vuldb.com/?ctiid.280927 https://vuldb.com/?id.280927 https://vuldb.com/?submit.425285 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10138 – code-projects Pharmacy Management System add_new_purchase.php sql injection
https://notcve.org/view.php?id=CVE-2024-10138
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. Affected is an unknown function of the file /add_new_purchase.php?action=is_supplier. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. • https://vuldb.com/?id.280926 https://vuldb.com/?ctiid.280926 https://vuldb.com/?submit.425283 https://gist.github.com/higordiego/26694ace59cbc1e1f8366bef96953569 https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10137 – code-projects Pharmacy Management System manage_medicine.php sql injection
https://notcve.org/view.php?id=CVE-2024-10137
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /manage_medicine.php?action=delete. The manipulation of the argument id leads to sql injection. • https://vuldb.com/?id.280925 https://vuldb.com/?ctiid.280925 https://vuldb.com/?submit.425280 https://gist.github.com/higordiego/edd15afd508c51c95e5ce29544165320 https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10136 – code-projects Pharmacy Management System manage_invoice.php sql injection
https://notcve.org/view.php?id=CVE-2024-10136
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_invoice.php. The manipulation of the argument invoice_number leads to sql injection. The attack can be initiated remotely. • https://code-projects.org https://gist.github.com/higordiego/f6411aecc606b015a37382b2be828831 https://vuldb.com/?ctiid.280924 https://vuldb.com/?id.280924 https://vuldb.com/?submit.425279 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10024 – code-projects Pharmacy Management System manage_medicine_stock.php sql injection
https://notcve.org/view.php?id=CVE-2024-10024
A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. This issue affects some unknown processing of the file /php/manage_medicine_stock.php. The manipulation of the argument name/packing/generic_name/suppliers_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://gist.github.com/higordiego/b0083f7f12dee245c2fbe7102e31d9a4 https://vuldb.com/?ctiid.280559 https://vuldb.com/?id.280559 https://vuldb.com/?submit.424529 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •