CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8146 – code-projects Pharmacy Management System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-8146
25 Aug 2024 — A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8138 – code-projects Pharmacy Management System Parameter index.php editManager sql injection
https://notcve.org/view.php?id=CVE-2024-8138
25 Aug 2024 — A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String leads to sql injection. It is possible to launch the attack remotely. • https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4186 – SourceCodester Pharmacy Management System manage_website.php unrestricted upload
https://notcve.org/view.php?id=CVE-2023-4186
06 Aug 2023 — A vulnerability was found in SourceCodester Pharmacy Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_website.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. • https://github.com/E1even-321/Pharmacy-system/blob/main/Pharmacy%20Management%20System%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31519
https://notcve.org/view.php?id=CVE-2023-31519
16 May 2023 — Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the email parameter at login_core.php. • https://github.com/yangliukk/Injection-Vulnerability-In-Pharmacy-Management-System-1.0/blob/main/README.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0918 – codeprojects Pharmacy Management System Avatar Image add.php unrestricted upload
https://notcve.org/view.php?id=CVE-2023-0918
19 Feb 2023 — A vulnerability has been found in codeprojects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file add.php of the component Avatar Image Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://blog.0xgabe.com/?p=71 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34953
https://notcve.org/view.php?id=CVE-2022-34953
02 Aug 2022 — Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php. Se ha detectado que Pharmacy Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro startDate en el archivo getOrderReport.php • https://www.yuque.com/jiryu/yz4rcd/zd4eic • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34954
https://notcve.org/view.php?id=CVE-2022-34954
02 Aug 2022 — Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php. Se ha detectado que Pharmacy Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro id en el archivo invoiceprint.php • https://www.yuque.com/jiryu/yz4rcd/dreflr • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34952
https://notcve.org/view.php?id=CVE-2022-34952
02 Aug 2022 — Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php. Se ha detectado que Pharmacy Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro id en el archivo edituser.php • https://www.yuque.com/jiryu/yz4rcd/wgh7s5 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34950
https://notcve.org/view.php?id=CVE-2022-34950
02 Aug 2022 — Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editproduct.php. Se ha detectado que Pharmacy Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro id en el archivo editproduct.php • https://www.yuque.com/jiryu/yz4rcd/iwd521 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34951
https://notcve.org/view.php?id=CVE-2022-34951
02 Aug 2022 — Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php. Se ha detectado que Pharmacy Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro startDate en el archivo getsalereport.php • https://www.yuque.com/jiryu/yz4rcd/gexe2q • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •