Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:1 p.m.4 views

CVE-2018-19923

An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. There is member/memberemail.php?action=edit CSRF...

8.8CVSS7AI score0.00523EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:0 p.m.9 views

CVE-2018-19925

An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. It has SQL injection via the member/memberorder.php type parameter, related to the Ostate parameter...

9.8CVSS8AI score0.01135EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:58 a.m.4 views

CVE-2018-19924

An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address...

6.1CVSS6.3AI score0.00707EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11595

Malware in sbrugna...

8.8CVSS8.8AI score0.00523EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11338

Malware in sbrugna...

7.5CVSS7.5AI score0.00917EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11596

Malware in sbrugna...

6.1CVSS6.3AI score0.00707EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-11597

Malware in sbrugna...

9.8CVSS9.5AI score0.01135EPSS
Exploits1References2
exploitpack
exploitpack
added 2019/01/21 12:0 a.m.27 views

Coman 1.0 - id SQL Injection

Coman 1.0 - id SQL Injection Exploit Title: Coman - Company Management System 1.0 - SQL Injection Dork: N/A Date: 2019-01-20 Exploit Author: Ihsan Sencan Vendor Homepage: http://ragob.com/ Software Link: https://codecanyon.net/item/coman-company-management-system/17799270 Version: 1.0 Category:...

8.7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/21 12:0 a.m.284 views

Coman 1.0 - 'id' SQL Injection

Exploit Title: Coman - Company Management System 1.0 - SQL Injection Dork: N/A Date: 2019-01-20 Exploit Author: Ihsan Sencan Vendor Homepage: http://ragob.com/ Software Link: https://codecanyon.net/item/coman-company-management-system/17799270 Version: 1.0 Category: Webapps Tested on:...

7AI score
Exploits0
OSV
OSV
added 2018/12/06 11:29 p.m.1 views

CVE-2018-19923

An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. There is member/memberemail.php?action=edit CSRF...

8.8CVSS5.8AI score0.00523EPSS
Exploits1References1
Prion
Prion
added 2018/12/06 11:29 p.m.13 views

Input validation

An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address...

4.3CVSS6.1AI score0.00707EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/06 11:0 p.m.20 views

CVE-2018-19924

An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address...

6.2AI score0.00707EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/30 12:0 a.m.3 views

Sales & Company Management System Privilege Permission and Access Control Vulnerability

Sales & Company Management System SCMS is a sales and company management system. The system includes features such as customer management, product management and tax management. A privilege permission and access control vulnerability exists in SCMS 2018-06-06 and prior versions, which can be...

7.5CVSS6.9AI score0.00917EPSS
Exploits1References1
Prion
Prion
added 2018/11/29 5:29 a.m.10 views

Design/Logic Flaw

An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a...

5CVSS7.4AI score0.00917EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/11/29 5:0 a.m.36 views

CVE-2018-19654

CVE-2018-19654 affects the Sales & Company Management System (SCMS) up to 2018-06-06. The issue is a discrepancy between a string-validation component and the MySQL query component, allowing registration of a new account with a username that already exists (e.g., test%c2) when the account is alre...

7.5CVSS7.4AI score0.00917EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder