CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7134 – SourceCodester Medicine Tracking System path traversal
https://notcve.org/view.php?id=CVE-2023-7134
28 Dec 2023 — A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. • https://medium.com/@2839549219ljk/medicine-tracking-system-rce-vulnerability-1f009165b915 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-24: Path Traversal: '../filedir' •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5581 – SourceCodester Medicine Tracker System index.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-5581
14 Oct 2023 — A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/GodRone/MedicineTrackerSystem/blob/main/Medicine%20Tracker%20System_XSS.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •