漏洞描述
Code-Projects Medical Store Management System是Code-Projects开源的一个药店管理系统。 Code-Projects Medical Store Management System 1.0版本存在注入漏洞,该漏洞源于对文件MainPanel.java中参数searchTxt的错误操作导致SQL注入攻击。
Code-Projects Medical Store Management System 注入漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2019-14950: WP Live Chat Support <= 8.0.27 — Stored Cross-Site Scripting
- POC CVE-2024-47374: LiteSpeed Cache <= 6.5.0.2 - Stored XSS
- POC CVE-2021-4462: Employee Records System 1.0 - Unauthenticated File Upload RCE
- POC CVE-2023-2734: MStore API <= 3.9.1 - Authentication Bypass
- POC CVE-2023-3277: MStore API <= 4.10.7 - Unauthorized Account Access and Privilege Escalation
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- 中成科信票务管理系统 /SystemManager/Api/TicketManager.ashx SQL 注入漏洞
- 新视窗新一代物业管理系统 /OfficeManagement/RegisterManager/Report/Training/Report/GetprintData.asmx SQL 注入漏洞
- 泛微e-office /E-mobile/App/System/UserSelect/dept.php 未授权访问漏洞
- School Fees Payment System /student.php SQL 注入漏洞(CVE-2025-6403)
- POC CVE-2025-51990: XWiki – Stored Cross-Site Scripting (XSS)
- (CVE-2021-4462)Employee Records System 1.0任意文件上传漏洞
- POC CVE-2025-6403: Code-Projects School Fees Payment System 1.0 - SQL Injection