CVE-2021-42868

A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, and (5) bill_detail_report pages. .

Source: CVE-2021-42868

CVE-2021-36625

An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 (fixed version is 14.0.0) via a POST request to the country_id parameter in an UPDATE statement.

Source: CVE-2021-36625

CVE-2021-43505

Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice.

Source: CVE-2021-43505

CVE-2021-43506

An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php.

Source: CVE-2021-43506

CVE-2021-34257

Multiple Remote Code Execution (RCE) vulnerabilities exist in WPanel 4 4.3.1 and below via a malicious PHP file upload to (1) Dashboard’s Avatar image, (2) Posts Folder image, (3) Pages Folder image and (4) Gallery Folder image.

Source: CVE-2021-34257

CVE-2022-0350

Cross-site Scripting (XSS) – Stored in GitHub repository vanessa219/vditor prior to 3.8.13.

Source: CVE-2022-0350