October 2021 Page 8 of 357 | Cyberthreat Blog from Fortify24x7

CVE-2021-41676

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

An SQL Injection vulnerabilty exists in the oretnom23 Pharmacy Point of Sale System 1.0 in the login function in actions.php.

CVE-2021-41675

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

A Remote Code Execution (RCE) vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei. .

CVE-2021-41674

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

An SQL Injection vulnerability exists in Sourcecodester E-Negosyo System 1.0 via the user_email parameter in /admin/login.php.

CVE-2021-41645

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. .

CVE-2021-41643

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field.

Month: October 2021

CVE-2021-41676

CVE-2021-41675

CVE-2021-41674

CVE-2021-41645

CVE-2021-41643