Page 3 of 35 results (0.004 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. This vulnerability affects unknown code of the file /php/add_new_medicine.php. The manipulation of the argument name/packing/generic_name/suppliers_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://gist.github.com/higordiego/01a35a20a4e20e937d384b677c000921 https://vuldb.com/?ctiid.280558 https://vuldb.com/?id.280558 https://vuldb.com/?submit.424483 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_supplier.php?action=search. The manipulation of the argument text leads to sql injection. It is possible to initiate the attack remotely. • https://code-projects.org https://gist.github.com/higordiego/2bd0a94e480906a60ce83b8a4ec26957 https://vuldb.com/?ctiid.280557 https://vuldb.com/?id.280557 https://vuldb.com/?submit.424337 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /php/manage_purchase.php?action=search&tag=VOUCHER_NUMBER. The manipulation of the argument text leads to sql injection. • https://code-projects.org https://gist.github.com/higordiego/439f2af836c2c7d6075ba9de2e1169da https://vuldb.com/?ctiid.280556 https://vuldb.com/?id.280556 https://vuldb.com/?submit.424334 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_customer.php?action=search. The manipulation of the argument text leads to sql injection. It is possible to initiate the attack remotely. • https://code-projects.org https://gist.github.com/higordiego/b57040961b993cb5f1bfe0005f6b57be https://vuldb.com/?ctiid.280341 https://vuldb.com/?id.280341 https://vuldb.com/?submit.423448 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability, which was classified as critical, was found in Codezips Pharmacy Management System 1.0. Affected is an unknown function of the file product/update.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ppp-src/CVE/issues/11 https://vuldb.com/?ctiid.279966 https://vuldb.com/?id.279966 https://vuldb.com/?submit.418905 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •