Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Phptpoint Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34953 1 Phptpoint 1 Pharmacy Management System 2023-12-10 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php.
CVE-2022-34952 1 Phptpoint 1 Pharmacy Management System 2023-12-10 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php.
CVE-2022-34954 1 Phptpoint 1 Pharmacy Management System 2023-12-10 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php.
CVE-2022-34951 1 Phptpoint 1 Pharmacy Management System 2023-12-10 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php.
CVE-2018-18704 1 Phptpoint 1 Pharmacy Management System 2023-12-10 7.5 HIGH 9.8 CRITICAL
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.
CVE-2018-18705 1 Phptpoint 1 Hospital Management System 2023-12-10 7.5 HIGH 9.8 CRITICAL
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.
CVE-2018-18703 1 Phptpoint 1 Mailing Server Using File Handling 2023-12-10 5.0 MEDIUM 7.5 HIGH
PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter.