Online Diagnostic Lab Management System
by Online Diagnostic Lab Management System
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-42064 | Cri | 0.64 | 9.8 | 0.01 | Oct 14, 2022 | Online Diagnostic Lab Management System version 1.0 remote exploit that bypasses login with SQL injection and then uploads a shell. | ||
| CVE-2022-37152 | Cri | 0.64 | 9.8 | 0.01 | Aug 26, 2022 | An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=save_client" | ||
| CVE-2024-48597 | Hig | 0.53 | 8.1 | 0.00 | Oct 21, 2024 | Online Clinic Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /success/editp.php?action=edit. | ||
| CVE-2024-26492 | Med | 0.41 | 6.3 | 0.01 | Mar 7, 2024 | An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain control of a 'Staff' user account via a crafted POST request using the id, email, password, and cpass parameters. | ||
| CVE-2022-37150 | Med | 0.35 | 5.4 | 0.00 | Aug 26, 2022 | An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via firstname, address, middlename, lastname , gender, email, contact parameters. |
- risk 0.64cvss 9.8epss 0.01
Online Diagnostic Lab Management System version 1.0 remote exploit that bypasses login with SQL injection and then uploads a shell.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=save_client"
- risk 0.53cvss 8.1epss 0.00
Online Clinic Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /success/editp.php?action=edit.
- risk 0.41cvss 6.3epss 0.01
An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain control of a 'Staff' user account via a crafted POST request using the id, email, password, and cpass parameters.
- risk 0.35cvss 5.4epss 0.00
An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via firstname, address, middlename, lastname , gender, email, contact parameters.