VYPR
Vendor

Rickxy

Products
1
CVEs
12
Across products
12
Status
Private

Products

1

Recent CVEs

12
  • CVE-2026-6602HigApr 20, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The manipulation of the argument ad_dpic results in unrestricted upload. The attack…

  • CVE-2025-14568MedDec 12, 2025
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This impacts an unknown function of the file model/User.php. The manipulation of the argument employee_id/id/admin leads to sql injection. The attack…

  • CVE-2025-14567Dec 12, 2025
    risk 0.00cvss epss 0.01

    A weakness has been identified in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This affects an unknown function of the file /api/employees. Executing manipulation can lead to missing authentication. It is possible to launch the attack…

  • CVE-2025-63497Nov 10, 2025
    risk 0.00cvss epss 0.00

    The patient prescription viewing functionality in his_doc_view_single_patient.php of rickxy Hospital Management System version 1.0 contains an SQL injection vulnerability. The pat_number GET parameter is directly concatenated into SQL queries without proper sanitization,…

  • CVE-2022-4089Nov 24, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was found in rickxy Stock Management System. It has been declared as problematic. This vulnerability affects unknown code of the file /pages/processlogin.php. The manipulation of the argument user leads to cross site scripting. The attack can be initiated…

  • CVE-2022-4088Nov 24, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in rickxy Stock Management System and classified as critical. Affected by this issue is some unknown functionality of the file /pages/processlogin.php. The manipulation of the argument user/password leads to sql injection. The attack may be launched…

  • CVE-2022-4090Nov 24, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was found in rickxy Stock Management System and classified as problematic. This issue affects some unknown processing of the file us_transac.php?action=add. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit…

  • CVE-2021-44114Jan 31, 2022
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function.

  • CVE-2020-24198Sep 9, 2020
    risk 0.00cvss epss 0.01

    A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.'

  • CVE-2020-24197Sep 9, 2020
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability in the login component in Stock Management System v1.0 allows remote attacker to execute arbitrary SQL commands via the username parameter.

  • CVE-2020-23830Sep 2, 2020
    risk 0.00cvss epss 0.01

    A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site.

  • CVE-2020-23831Sep 1, 2020
    risk 0.00cvss epss 0.01

    A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters…