Patient Record Management System version 1.0 suffers from an authentication bypass vulnerability during account recovery.
fcbfb754db1b7a2c678e6eb2a40d7a65fc9eaf4b77ffc390b629b6009685d209
Revenue Collection System version 1.0 suffers from a persistent cross site scripting vulnerability allowing an authenticated client user to add an administrative user account to the application then log in as the newly created admin.
c480b839cfd03e90fa43402bbfa8f8ab4dc9db4461d292dd292b3383bf3c5995
Revenue Collection System version 1.0 suffers from an unauthenticated SQL injection vulnerability in step1.php that allows remote attackers to write a malicious PHP file to disk. The resulting file can then be accessed within the /rates/admin/DBbackup directory. This script will write the malicious PHP file to disk, issue a user-defined command, then retrieve the result of that command.
b41c4f6c71ea1156cfd52b2bd3c354cdb2fc0372d5b22d463c64b50c55b777c0
Online Market Place Site version 1.0 suffers from a persistent cross site scripting vulnerability.
6dbdfadfd046c1d428d90778b682265b97787399b579cf8c236ae782a910255b
Online Market Place Site version 1.0 suffers from an unauthenticated blind SQL injection vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.
055275be279445d5466385d61a0e67c90bd2c9c88469b4e802f1402fe98446be