Ingredients Stock Management System is an ingredient stock management system from Carlo Monteroβs personal developer. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the lack of validation of the month parameter at /admin/?page= The vulnerability is caused by the lack of validation of external input SQL statements in the month parameter of reports/stockin&month=, which can be exploited to execute illegal SQL commands to steal database data.
CPE | Name | Operator | Version |
---|---|---|---|
carlo montero ingredients stock management system v | eq | 1.0 |