Vendor CVEs
Oretnom23
All CVEs
440 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-3519 | 0.00 | — | 0.00 | Oct 15, 2022 | A vulnerability classified as problematic was found in SourceCodester Sanitization Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Quote Requests Tab. The manipulation of the argument Manage Remarks leads to cross site… | |||
| CVE-2022-3504 | 0.00 | — | 0.01 | Oct 14, 2022 | A vulnerability was found in SourceCodester Sanitization Management System and classified as critical. This issue affects some unknown processing of the file /php-sms/?p=services/view_service. The manipulation of the argument id leads to sql injection. The attack may be… | |||
| CVE-2022-42232 | 0.00 | — | 0.01 | Oct 14, 2022 | Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage. | |||
| CVE-2022-3505 | 0.00 | — | 0.00 | Oct 14, 2022 | A vulnerability was found in SourceCodester Sanitization Management System. It has been classified as problematic. Affected is an unknown function of the file /php-sms/admin/. The manipulation of the argument page leads to cross site scripting. It is possible to launch the… | |||
| CVE-2022-42230 | 0.00 | — | 0.01 | Oct 11, 2022 | Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manage_user&id=. | |||
| CVE-2022-41378 | 0.00 | — | 0.01 | Oct 7, 2022 | Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=inventory/manage_inventory. | |||
| CVE-2022-41355 | 0.00 | — | 0.01 | Oct 6, 2022 | Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leave_system/classes/Master.php?f=delete_department. | |||
| CVE-2022-42243 | 0.00 | — | 0.01 | Oct 6, 2022 | Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=. | |||
| CVE-2022-3332 | 0.00 | — | 0.01 | Sep 28, 2022 | A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System. This affects an unknown part of the file router.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. It is possible… | |||
| CVE-2022-40926 | 0.00 | — | 0.01 | Sep 26, 2022 | Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type. | |||
| CVE-2022-40933 | 0.00 | — | 0.01 | Sep 22, 2022 | Online Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_order,id. | |||
| CVE-2022-37139 | 0.00 | — | 0.00 | Sep 14, 2022 | Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability. | |||
| CVE-2022-38304 | 0.00 | — | 0.01 | Sep 12, 2022 | Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leave_type.php. | |||
| CVE-2022-38303 | 0.00 | — | 0.01 | Sep 12, 2022 | Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php. | |||
| CVE-2022-36688 | 0.00 | — | 0.01 | Aug 29, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=. | |||
| CVE-2022-36687 | 0.00 | — | 0.01 | Aug 29, 2022 | Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img. | |||
| CVE-2022-36686 | 0.00 | — | 0.01 | Aug 29, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=. | |||
| CVE-2022-3015 | 0.00 | — | 0.00 | Aug 27, 2022 | A vulnerability, which was classified as problematic, has been found in oretnom23 Fast Food Ordering System. This issue affects some unknown processing of the file admin/?page=reports. The manipulation of the argument date leads to cross site scripting. The attack may be… | |||
| CVE-2022-3012 | 0.00 | — | 0.01 | Aug 27, 2022 | A vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be… | |||
| CVE-2022-36697 | 0.00 | — | 0.01 | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_waste. | |||
| CVE-2022-36695 | 0.00 | — | 0.01 | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_stockin. | |||
| CVE-2022-36692 | 0.00 | — | 0.01 | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. | |||
| CVE-2022-36700 | 0.00 | — | 0.01 | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php. | |||
| CVE-2022-36701 | 0.00 | — | 0.01 | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php. | |||
| CVE-2022-36698 | 0.00 | — | 0.01 | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php. | |||
| CVE-2022-36703 | 0.00 | — | 0.01 | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php. | |||
| CVE-2022-36699 | 0.00 | — | 0.01 | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php. | |||
| CVE-2022-2766 | 0.00 | — | 0.01 | Aug 11, 2022 | A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely.… | |||
| CVE-2022-2686 | 0.00 | — | 0.00 | Aug 6, 2022 | A vulnerability, which was classified as problematic, was found in oretnom23 Fast Food Ordering System. This affects an unknown part of the component Menu List Page. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack… | |||
| CVE-2022-2667 | 0.00 | — | 0.01 | Aug 5, 2022 | A vulnerability was found in SourceCodester Loan Management System and classified as critical. This issue affects some unknown processing of the file delete_lplan.php. The manipulation of the argument lplan_id leads to sql injection. The attack may be initiated remotely. The… | |||
| CVE-2022-31941 | 0.00 | — | 0.01 | Jun 17, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \rdms\admin?page=user\manage_user&id=. | |||
| CVE-2022-32335 | 0.00 | — | 0.01 | Jun 14, 2022 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=. | |||
| CVE-2022-32334 | 0.00 | — | 0.01 | Jun 14, 2022 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=. | |||
| CVE-2022-32332 | 0.00 | — | 0.01 | Jun 14, 2022 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category. | |||
| CVE-2022-31966 | 0.00 | — | 0.01 | Jun 1, 2022 | ChatBot App with Suggestion v1.0 is vulnerable to Delete any file via /simple_chat_bot/classes/Master.php?f=delete_img. | |||
| CVE-2022-31969 | 0.00 | — | 0.01 | Jun 1, 2022 | ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=user/manage_user&id=. | |||
| CVE-2022-31970 | 0.00 | — | 0.01 | Jun 1, 2022 | ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=responses/manage_response&id=. | |||
| CVE-2022-31945 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to Delete any file via /rdms/classes/Master.php?f=delete_img. | |||
| CVE-2022-31946 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_team. | |||
| CVE-2022-31951 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_respondent_type. | |||
| CVE-2022-31952 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL injection via /rdms/classes/Master.php?f=delete_incident. | |||
| CVE-2022-31953 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/view_report.php?id=. | |||
| CVE-2022-31956 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/manage_report.php?id=. | |||
| CVE-2022-31959 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams/manage_team.php?id=. | |||
| CVE-2022-31961 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/manage_incident.php?id=. | |||
| CVE-2022-31962 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/view_incident.php?id=. | |||
| CVE-2022-31964 | 0.00 | — | 0.01 | Jun 1, 2022 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/respondent_types/view_respondent_type.php?id=. | |||
| CVE-2022-31343 | 0.00 | — | 0.01 | Jun 1, 2022 | Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=bookings/view_details&id=. | |||
| CVE-2022-31344 | 0.00 | — | 0.01 | Jun 1, 2022 | Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_booking. | |||
| CVE-2022-31345 | 0.00 | — | 0.01 | Jun 1, 2022 | Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=user/manage_user&id=. |
- CVE-2022-3519Oct 15, 2022risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in SourceCodester Sanitization Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Quote Requests Tab. The manipulation of the argument Manage Remarks leads to cross site…
- CVE-2022-3504Oct 14, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Sanitization Management System and classified as critical. This issue affects some unknown processing of the file /php-sms/?p=services/view_service. The manipulation of the argument id leads to sql injection. The attack may be…
- CVE-2022-42232Oct 14, 2022risk 0.00cvss —epss 0.01
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage.
- CVE-2022-3505Oct 14, 2022risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Sanitization Management System. It has been classified as problematic. Affected is an unknown function of the file /php-sms/admin/. The manipulation of the argument page leads to cross site scripting. It is possible to launch the…
- CVE-2022-42230Oct 11, 2022risk 0.00cvss —epss 0.01
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manage_user&id=.
- CVE-2022-41378Oct 7, 2022risk 0.00cvss —epss 0.01
Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=inventory/manage_inventory.
- CVE-2022-41355Oct 6, 2022risk 0.00cvss —epss 0.01
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leave_system/classes/Master.php?f=delete_department.
- CVE-2022-42243Oct 6, 2022risk 0.00cvss —epss 0.01
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=.
- CVE-2022-3332Sep 28, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System. This affects an unknown part of the file router.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. It is possible…
- CVE-2022-40926Sep 26, 2022risk 0.00cvss —epss 0.01
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type.
- CVE-2022-40933Sep 22, 2022risk 0.00cvss —epss 0.01
Online Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_order,id.
- CVE-2022-37139Sep 14, 2022risk 0.00cvss —epss 0.00
Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
- CVE-2022-38304Sep 12, 2022risk 0.00cvss —epss 0.01
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leave_type.php.
- CVE-2022-38303Sep 12, 2022risk 0.00cvss —epss 0.01
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php.
- CVE-2022-36688Aug 29, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=.
- CVE-2022-36687Aug 29, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img.
- CVE-2022-36686Aug 29, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=.
- CVE-2022-3015Aug 27, 2022risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, has been found in oretnom23 Fast Food Ordering System. This issue affects some unknown processing of the file admin/?page=reports. The manipulation of the argument date leads to cross site scripting. The attack may be…
- CVE-2022-3012Aug 27, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be…
- CVE-2022-36697Aug 25, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_waste.
- CVE-2022-36695Aug 25, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_stockin.
- CVE-2022-36692Aug 25, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.
- CVE-2022-36700Aug 25, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php.
- CVE-2022-36701Aug 25, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php.
- CVE-2022-36698Aug 25, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php.
- CVE-2022-36703Aug 25, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php.
- CVE-2022-36699Aug 25, 2022risk 0.00cvss —epss 0.01
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php.
- CVE-2022-2766Aug 11, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely.…
- CVE-2022-2686Aug 6, 2022risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in oretnom23 Fast Food Ordering System. This affects an unknown part of the component Menu List Page. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack…
- CVE-2022-2667Aug 5, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Loan Management System and classified as critical. This issue affects some unknown processing of the file delete_lplan.php. The manipulation of the argument lplan_id leads to sql injection. The attack may be initiated remotely. The…
- CVE-2022-31941Jun 17, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \rdms\admin?page=user\manage_user&id=.
- CVE-2022-32335Jun 14, 2022risk 0.00cvss —epss 0.01
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=.
- CVE-2022-32334Jun 14, 2022risk 0.00cvss —epss 0.01
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=.
- CVE-2022-32332Jun 14, 2022risk 0.00cvss —epss 0.01
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category.
- CVE-2022-31966Jun 1, 2022risk 0.00cvss —epss 0.01
ChatBot App with Suggestion v1.0 is vulnerable to Delete any file via /simple_chat_bot/classes/Master.php?f=delete_img.
- CVE-2022-31969Jun 1, 2022risk 0.00cvss —epss 0.01
ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=user/manage_user&id=.
- CVE-2022-31970Jun 1, 2022risk 0.00cvss —epss 0.01
ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=responses/manage_response&id=.
- CVE-2022-31945Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to Delete any file via /rdms/classes/Master.php?f=delete_img.
- CVE-2022-31946Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_team.
- CVE-2022-31951Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_respondent_type.
- CVE-2022-31952Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL injection via /rdms/classes/Master.php?f=delete_incident.
- CVE-2022-31953Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/view_report.php?id=.
- CVE-2022-31956Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/manage_report.php?id=.
- CVE-2022-31959Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams/manage_team.php?id=.
- CVE-2022-31961Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/manage_incident.php?id=.
- CVE-2022-31962Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/view_incident.php?id=.
- CVE-2022-31964Jun 1, 2022risk 0.00cvss —epss 0.01
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/respondent_types/view_respondent_type.php?id=.
- CVE-2022-31343Jun 1, 2022risk 0.00cvss —epss 0.01
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=bookings/view_details&id=.
- CVE-2022-31344Jun 1, 2022risk 0.00cvss —epss 0.01
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_booking.
- CVE-2022-31345Jun 1, 2022risk 0.00cvss —epss 0.01
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=user/manage_user&id=.
Page 7 of 9