CVE-2023-7134 – SourceCodester Medicine Tracking System path traversal
https://notcve.org/view.php?id=CVE-2023-7134
A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. • https://medium.com/@2839549219ljk/medicine-tracking-system-rce-vulnerability-1f009165b915 https://vuldb.com/?ctiid.249137 https://vuldb.com/?id.249137 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-24: Path Traversal: '../filedir' •
CVE-2023-5581 – SourceCodester Medicine Tracker System index.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-5581
A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/GodRone/MedicineTrackerSystem/blob/main/Medicine%20Tracker%20System_XSS.md https://vuldb.com/?ctiid.242146 https://vuldb.com/?id.242146 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •