Phptpoint: Security Vulnerabilities
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-08-02
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-08-02
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-08-02
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-08-02
PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter.
CVSS Score
7.5
EPSS Score
0.043
Published
2018-10-29
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-10-29
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-10-29