36 matches found
CVE-2024-5774 SourceCodester Stock Management System Login index.php sql injection
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...
CVE-2024-5774
CVE-2024-5774 affects SourceCodester Stock Management System 1.0, specifically the Login component’s index.php. The vulnerability is a SQL injection exploitable via the username/password arguments in an unknown functionality, allowing remote attack. Multiple connected sources confirm the issue, n...
CVE-2024-36779
Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php...
CVE-2024-36779
CVE-2024-36779 affects Sourcecodester Stock Management System v1.0 . The vulnerability is an SQL Injection via the file editCategories.php , caused by improper input handling. The CVSS 3.1 metrics indicate a CRITICAL impact with C/H/I/A = High and a network attack vector without user interaction....
CVE-2024-5515
A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2024-5515
A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2024-5515 SourceCodester Stock Management System createBrand.php sql injection
A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2024-5515
CVE-2024-5515 affects SourceCodester Stock Management System 1.0, with a SQL injection in createBrand.php via the brandName parameter. The vulnerability is exploitable remotely and has been disclosed publicly. Root cause is improper handling of user input in a SQL query, allowing injection. The C...
SourceCodester Stock Management System SQL注入漏洞
Sourcecodester Stock Management System is an inventory management system. A SQL injection vulnerability exists in SourceCodester Stock Management System version 1.0, which stems from a SQL injection caused by the brandName parameter of the file createBrand.php...
CVE-2021-44114
Cross Site Scripting XSS vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function...
CVE-2020-24198
A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.'...
PT-2020-15652 · Sourcecodester · Sourcecodester Stock Management System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Stock Management System version 1.0 Description: A persistent cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the Brand Name. This enables attackers to potentially execute malicious...
CVE-2020-23830
A Cross-Site Request Forgery CSRF vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site...
CVE-2020-23831
A Reflected Cross-Site Scripting XSS vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials...
CVE-2020-23831
A Reflected Cross-Site Scripting XSS vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials...
Cross site scripting
A Reflected Cross-Site Scripting XSS vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials...