Lucene search
China National Vulnerability DatabaseCNVD-2023-11174HistoryAug 31, 2022 - 12:00 a.m.
Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11174)
2022-08-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
ingredients stock management system
sql injection
vulnerability
carlo montero
validation
external input
sql statements
attacker
database data
EPSS
0.001
Percentile
37.7%
Ingredients Stock Management System is an ingredient stock management system from Carlo Monteroβs personal developer. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= reports/stockout&month= is missing validation of external input SQL statements in the month parameter. An attacker could use this vulnerability to execute illegal SQL commands to steal database data.
Related
prion
prion
Sql injection
2022-08-29 14:15:00
cvelist
cvelist
CVE-2022-36688
2022-08-29 13:56:55
nvd
nvd
CVE-2022-36688
2022-08-29 14:15:13
cve
cve
CVE-2022-36688
2022-08-29 14:15:13