Filtered by vendor Oretnom23
Subscribe
Total
753 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31344 | 1 Oretnom23 | 1 Online Car Wash Booking System | 2026-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_booking. | |||||
| CVE-2022-31352 | 1 Oretnom23 | 1 Online Car Wash Booking System | 2026-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| Online Car Wash Booking System v1.0 by oretnom23 has SQL injection in /ocwbs/admin/services/manage_service.php?id=. | |||||
| CVE-2022-31350 | 1 Oretnom23 | 1 Online Car Wash Booking System | 2026-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/vehicles/manage_vehicle.php?id=. | |||||
| CVE-2022-31345 | 1 Oretnom23 | 1 Online Car Wash Booking System | 2026-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-31351 | 1 Oretnom23 | 1 Online Car Wash Booking System | 2026-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| Online Car Wash Booking System v1.0 by oretnom23 has SQL injection via /ocwbs/admin/services/manage_price.php?id=. | |||||
| CVE-2022-31353 | 1 Oretnom23 | 1 Online Car Wash Booking System | 2026-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/services/view_service.php?id=. | |||||
| CVE-2022-31354 | 1 Oretnom23 | 1 Online Car Wash Booking System | 2026-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=get_vehicle_service. | |||||
| CVE-2026-1745 | 1 Oretnom23 | 1 Medical Certificate Generator App | 2026-02-10 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was determined in SourceCodester Medical Certificate Generator App 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-2159 | 1 Oretnom23 | 1 Simple Responsive Tourism Website | 2026-02-10 | 5.0 MEDIUM | 4.3 MEDIUM |
| A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected is an unknown function of the file /tourism/classes/Master.php?f=register of the component Registration. Executing a manipulation of the argument firstname/lastname/username can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2026-2160 | 1 Oretnom23 | 1 Simple Responsive Tourism Website | 2026-02-10 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Master.php?f=save_package. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-43944 | 1 Oretnom23 | 1 Task Management System | 2026-01-27 | N/A | 5.4 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list. | |||||
| CVE-2024-7930 | 1 Oretnom23 | 1 Clinic\'s Patient Management System | 2026-01-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pms/ajax/get_packings.php. The manipulation of the argument medicine_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-7123 | 1 Oretnom23 | 1 Medicine Tracker System | 2026-01-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0. This issue affects some unknown processing of the file /classes/Master.php? f=save_medicine. The manipulation of the argument id/name/description leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249095. | |||||
| CVE-2024-7841 | 1 Oretnom23 | 1 Clinic\'s Patient Management System | 2026-01-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System 1.0. This vulnerability affects unknown code of the file /pms/ajax/check_user_name.php. The manipulation of the argument user_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2021-41659 | 1 Oretnom23 | 1 Banking System | 2025-12-16 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field. | |||||
| CVE-2022-26644 | 1 Oretnom23 | 1 Banking System | 2025-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management. | |||||
| CVE-2022-26645 | 1 Oretnom23 | 1 Banking System | 2025-12-16 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function. | |||||
| CVE-2022-26646 | 1 Oretnom23 | 1 Banking System | 2025-12-16 | 7.5 HIGH | 9.8 CRITICAL |
| Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter. | |||||
| CVE-2025-14221 | 1 Oretnom23 | 1 Banking System | 2025-12-09 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. | |||||
| CVE-2025-65881 | 1 Oretnom23 | 1 Zoo Management System | 2025-12-05 | N/A | 6.1 MEDIUM |
| Sourcecodester Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /classes/Login.php. | |||||