CVE-2024-9813 – Codezips Pharmacy Management System register.php sql injection
https://notcve.org/view.php?id=CVE-2024-9813
A vulnerability, which was classified as critical, has been found in Codezips Pharmacy Management System 1.0. This issue affects some unknown processing of the file product/register.php. The manipulation of the argument category leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.279965 https://vuldb.com/?ctiid.279965 https://vuldb.com/?submit.418904 https://github.com/ppp-src/CVE/issues/10 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-8366 – code-projects Pharmacy Management System Update My Profile Page index.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-8366
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?id=userProfileEdit of the component Update My Profile Page. The manipulation of the argument fname/lname/email with the input <script>alert(1)</script> leads to cross site scripting. • https://code-projects.org https://vuldb.com/?ctiid.276261 https://vuldb.com/?id.276261 https://vuldb.com/?submit.398777 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-8147 – code-projects Pharmacy Management System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-8147
A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://code-projects.org https://github.com/maqingnan/cve/blob/main/sql2.md https://vuldb.com/?ctiid.275729 https://vuldb.com/?id.275729 https://vuldb.com/?submit.397418 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-8146 – code-projects Pharmacy Management System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-8146
A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. • https://code-projects.org https://github.com/maqingnan/cve/blob/main/sql1.md https://vuldb.com/?ctiid.275728 https://vuldb.com/?id.275728 https://vuldb.com/?submit.397417 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-8138 – code-projects Pharmacy Management System Parameter index.php editManager sql injection
https://notcve.org/view.php?id=CVE-2024-8138
A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String leads to sql injection. It is possible to launch the attack remotely. • https://code-projects.org https://github.com/SYQGITHUB/cve/blob/main/sql1.md https://vuldb.com/?ctiid.275718 https://vuldb.com/?id.275718 https://vuldb.com/?submit.396817 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •