Filtered by vendor Oretnom23
Subscribe
Filtered by product Online Medicine Ordering System
Subscribe
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-3140 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2025-04-09 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /view_category.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3141 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2025-04-09 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-25217 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2025-03-27 | N/A | 9.8 CRITICAL |
| Online Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /omos/?p=products/view_product. | |||||
| CVE-2024-32167 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2024-11-21 | N/A | 9.1 CRITICAL |
| Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files. | |||||
| CVE-2022-3716 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2024-11-21 | N/A | 3.5 LOW |
| A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-212347. | |||||
| CVE-2022-3714 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2024-11-21 | N/A | 5.0 MEDIUM |
| A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-212346 is the identifier assigned to this vulnerability. | |||||