Online Diagnostic Lab Management System Project CVE

Filtered by vendor Online Diagnostic Lab Management System Project Subscribe

Total 26 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-41533	1 Online Diagnostic Lab Management System Project	1 Online Diagnostic Lab Management System	2024-11-21	N/A	7.2 HIGH
Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-41513	1 Online Diagnostic Lab Management System Project	1 Online Diagnostic Lab Management System	2024-11-21	N/A	7.2 HIGH
Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /diagnostic/edittest.php.
CVE-2022-41512	1 Online Diagnostic Lab Management System Project	1 Online Diagnostic Lab Management System	2024-11-21	N/A	7.2 HIGH
An arbitrary file upload vulnerability in the component /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-37152	1 Online Diagnostic Lab Management System Project	1 Online Diagnostic Lab Management System	2024-11-21	N/A	9.8 CRITICAL
An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=save_client"
CVE-2022-37151	1 Online Diagnostic Lab Management System Project	1 Online Diagnostic Lab Management System	2024-11-21	N/A	7.5 HIGH
There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0.
CVE-2022-37150	1 Online Diagnostic Lab Management System Project	1 Online Diagnostic Lab Management System	2024-11-21	N/A	5.4 MEDIUM
An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via firstname, address, middlename, lastname , gender, email, contact parameters.

Vulnerabilities (CVE)