CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4200 – SourceCodester Inventory Management System product_data.php. sql injection
https://notcve.org/view.php?id=CVE-2023-4200
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file product_data.php.. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Yesec/Inventory-Management-System/blob/main/SQL%20Injection%20in%20product_data.php/vuln.md https://vuldb.com/?ctiid.236290 https://vuldb.com/?id.236290 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4199 – SourceCodester Inventory Management System catagory_data.php sql injection
https://notcve.org/view.php?id=CVE-2023-4199
A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. This affects an unknown part of the file catagory_data.php. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Yesec/Inventory-Management-System/blob/main/SQL%20Injection%20in%20catagory_data.php/vuln.md https://vuldb.com/?ctiid.236289 https://vuldb.com/?id.236289 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4185 – SourceCodester Online Hospital Management System patientlogin.php sql injection
https://notcve.org/view.php?id=CVE-2023-4185
A vulnerability was found in SourceCodester Online Hospital Management System 1.0. It has been classified as critical. Affected is an unknown function of the file patientlogin.php. The manipulation of the argument loginid/password leads to sql injection. It is possible to launch the attack remotely. • https://github.com/Yusoyea/VulList/blob/main/Hospital%20Management%20System%20patientlogin.php%20has%20Sqlinjection.pdf https://vuldb.com/?ctiid.236220 https://vuldb.com/?id.236220 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2023-4181 – SourceCodester Free Hospital Management System for Small Practices Redirect behavioral workflow
https://notcve.org/view.php?id=CVE-2023-4181
A vulnerability, which was classified as critical, has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this issue is some unknown functionality of the file /vm/admin/delete-doctor.php?id=2 of the component Redirect Handler. The manipulation leads to enforcement of behavioral workflow. The attack may be launched remotely. • https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/vertical%20privilege%20escalation/vuln.md https://vuldb.com/?ctiid.236216 https://vuldb.com/?id.236216 • CWE-841: Improper Enforcement of Behavioral Workflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4180 – SourceCodester Free Hospital Management System for Small Practices login.php sql injection
https://notcve.org/view.php?id=CVE-2023-4180
A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file /vm/login.php. The manipulation of the argument useremail/userpassword leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/SQL%20Injection%20in%20login.php/vuln.md https://vuldb.com/?ctiid.236215 https://vuldb.com/?id.236215 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •