Filtered by vendor Oretnom23
Subscribe
Total
168 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24200 | 1 Oretnom23 | 1 Raffle Draw System | 2023-12-10 | N/A | 9.8 CRITICAL |
| Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at save_ticket.php. | |||||
| CVE-2023-24198 | 1 Oretnom23 | 1 Raffle Draw System | 2023-12-10 | N/A | 9.8 CRITICAL |
| Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw parameters. | |||||
| CVE-2023-24201 | 1 Oretnom23 | 1 Raffle Draw System | 2023-12-10 | N/A | 9.8 CRITICAL |
| Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php. | |||||
| CVE-2023-24202 | 1 Oretnom23 | 1 Raffle Draw System | 2023-12-10 | N/A | 9.8 CRITICAL |
| Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php. | |||||
| CVE-2022-45033 | 1 Oretnom23 | 1 Expense Tracker | 2023-12-10 | N/A | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field. | |||||
| CVE-2022-37796 | 1 Oretnom23 | 1 Simple Online Book Store System | 2023-12-10 | N/A | 5.4 MEDIUM |
| In Simple Online Book Store System 1.0 in /admin_book.php the Title, Author, and Description parameters are vulnerable to Cross Site Scripting(XSS). | |||||
| CVE-2021-45252 | 1 Oretnom23 | 1 Simple Forum\/discussion System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are manage_topic.php, manage_user.php, and ajax.php. The attacker can be retrieving all information from the database of this system by using this vulnerability. | |||||
| CVE-2021-44653 | 1 Oretnom23 | 1 Online Magazine Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing attacker to gain access as admin to the application. | |||||