99 matches found
CampCodes Sales and Inventory System 注入漏洞
CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in version 1.0 of the CampCodes Sales and Inventory System, which originates from a SQL injection due to incorrect manipulation of the parameter sid in the file...
CVE-2025-0200 code-projects Point of Sales and Inventory Management System search_num.php sql injection
A vulnerability has been found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /user/searchnum.php. The manipulation of the argument search leads to sql injection. The attack can...
CVE-2025-0199
A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Affected is an unknown function of the file /user/minuscart.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack...
CVE-2025-0199 code-projects Point of Sales and Inventory Management System minus_cart.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Affected is an unknown function of the file /user/minuscart.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack...
CVE-2025-0199 code-projects Point of Sales and Inventory Management System minus_cart.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Affected is an unknown function of the file /user/minuscart.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack...
CVE-2025-0199
CVE-2025-0199 affects code-projects Point of Sales and Inventory Management System 1.0, with an SQL injection in /user/minus_cart.php triggered by manipulating the id parameter. The vulnerability is described as remote-exploitable and publicly disclosed. Connected sources (NVD, Red Hat, CVE listi...
CVE-2025-0198 code-projects Point of Sales and Inventory Management System search_result.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Point of Sales and Inventory Management System 1.0. This issue affects some unknown processing of the file /user/searchresult.php. The manipulation of the argument id leads to sql injection. The attack may be...
CVE-2025-0197
A vulnerability classified as critical was found in code-projects Point of Sales and Inventory Management System 1.0. This vulnerability affects unknown code of the file /user/search.php. The manipulation of the argument name leads to sql injection. The attack can be initiated remotely. The explo...
CVE-2025-0197 code-projects Point of Sales and Inventory Management System search.php sql injection
A vulnerability classified as critical was found in code-projects Point of Sales and Inventory Management System 1.0. This vulnerability affects unknown code of the file /user/search.php. The manipulation of the argument name leads to sql injection. The attack can be initiated remotely. The explo...
CVE-2025-0196 code-projects Point of Sales and Inventory Management System plist.php sql injection
A vulnerability classified as critical has been found in code-projects Point of Sales and Inventory Management System 1.0. This affects an unknown part of the file /user/plist.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2025-0174 code-projects Point of Sales and Inventory Management System Parameter search_result2.php sql injection
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /user/searchresult2.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. I...
CVE-2024-10165
A vulnerability was found in Codezips Sales Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file deletecustcom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The explo...
CVE-2023-1275
A vulnerability classified as problematic was found in SourceCodester Phone Shop Sales Managements System 1.0. This vulnerability affects unknown code of the file /osms/assets/plugins/jquery-validation-1.11.1/demo/captcha/index.php of the component CAPTCHA Handler. The manipulation leads to cross...
CVE-2023-1130
A vulnerability, which was classified as critical, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. This affects an unknown part of the file processlogin. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The...
Authentication flaw
Phone Shop Sales Managements System using PHP with Source Code 1.0 is vulnerable to authentication bypass which leads to account takeover of the admin...
CVE-2021-36624
Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass...
CVE-2018-19924
An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address...
CVE-2017-1000474
Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manageemployee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Store...
The wind-Online sales system v3. 0. 0 Upload vulnerability-vulnerability warning-the black bar safety net
Author:Lan3a Program or with the FCK editor. The official website also have this problem. Use method: The first step: FooeeShop. Webedit/editor/filemanager/connectors/asp/connector. asp? Command=CreateFolder&Type=Image&CurrentFolder=%2Fshell. asp&NewFolderName=z&uuid=1 2 4 4 7 8 9 9 7 5 6 8 4 The...