Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Phptpoint Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34953 1 Phptpoint 1 Pharmacy Management System 2022-08-05 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php.
CVE-2022-34952 1 Phptpoint 1 Pharmacy Management System 2022-08-05 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php.
CVE-2022-34951 1 Phptpoint 1 Pharmacy Management System 2022-08-05 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php.
CVE-2022-34954 1 Phptpoint 1 Pharmacy Management System 2022-08-04 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php.
CVE-2018-18703 1 Phptpoint 1 Mailing Server Using File Handling 2018-12-04 5.0 MEDIUM 7.5 HIGH
PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter.
CVE-2018-18705 1 Phptpoint 1 Hospital Management System 2018-12-04 7.5 HIGH 9.8 CRITICAL
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.
CVE-2018-18704 1 Phptpoint 1 Pharmacy Management System 2018-12-04 7.5 HIGH 9.8 CRITICAL
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.