Lucene search
+L

36 matches found

Cvelist
Cvelist
added 2024/06/09 6:0 a.m.26 views

CVE-2024-5774 SourceCodester Stock Management System Login index.php sql injection

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...

7.5CVSS0.00656EPSS
Exploits1References4
CVE
CVE
added 2024/06/09 6:0 a.m.72 views

CVE-2024-5774

CVE-2024-5774 affects SourceCodester Stock Management System 1.0, specifically the Login component’s index.php. The vulnerability is a SQL injection exploitable via the username/password arguments in an unknown functionality, allowing remote attack. Multiple connected sources confirm the issue, n...

9.8CVSS7.7AI score0.00656EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/06/06 1:15 p.m.22 views

CVE-2024-36779

Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php...

9.8CVSS7.6AI score0.00567EPSS
Exploits1References1
CVE
CVE
added 2024/06/06 12:31 p.m.81 views

CVE-2024-36779

CVE-2024-36779 affects Sourcecodester Stock Management System v1.0 . The vulnerability is an SQL Injection via the file editCategories.php , caused by improper input handling. The CVSS 3.1 metrics indicate a CRITICAL impact with C/H/I/A = High and a network attack vector without user interaction....

9.8CVSS8.4AI score0.00567EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/05/30 1:15 p.m.4 views

CVE-2024-5515

A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

9.8CVSS5.8AI score0.00637EPSS
Exploits1References4
NVD
NVD
added 2024/05/30 1:15 p.m.18 views

CVE-2024-5515

A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

9.8CVSS6.8AI score0.00637EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/30 1:0 p.m.19 views

CVE-2024-5515 SourceCodester Stock Management System createBrand.php sql injection

A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

6.5CVSS7.4AI score0.00637EPSS
Exploits1References4
CVE
CVE
added 2024/05/30 1:0 p.m.53 views

CVE-2024-5515

CVE-2024-5515 affects SourceCodester Stock Management System 1.0, with a SQL injection in createBrand.php via the brandName parameter. The vulnerability is exploitable remotely and has been disclosed publicly. Root cause is improper handling of user input in a SQL query, allowing injection. The C...

9.8CVSS6.8AI score0.00637EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/05/30 12:0 a.m.4 views

SourceCodester Stock Management System SQL注入漏洞

Sourcecodester Stock Management System is an inventory management system. A SQL injection vulnerability exists in SourceCodester Stock Management System version 1.0, which stems from a SQL injection caused by the brandName parameter of the file createBrand.php...

9.8CVSS7.1AI score0.00637EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/01/31 5:42 p.m.28 views

CVE-2021-44114

Cross Site Scripting XSS vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function...

5.9AI score0.00996EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2020/09/09 2:5 p.m.11 views

CVE-2020-24198

A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.'...

6.2AI score0.00835EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/09/09 12:0 a.m.9 views

PT-2020-15652 · Sourcecodester · Sourcecodester Stock Management System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Stock Management System version 1.0 Description: A persistent cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the Brand Name. This enables attackers to potentially execute malicious...

6.1CVSS6.7AI score0.00835EPSS
Exploits1References5
Cvelist
Cvelist
added 2020/09/02 4:6 p.m.23 views

CVE-2020-23830

A Cross-Site Request Forgery CSRF vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site...

6.9AI score0.00534EPSS
Exploits1References2
OSV
OSV
added 2020/09/01 5:15 p.m.6 views

CVE-2020-23831

A Reflected Cross-Site Scripting XSS vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials...

6.1CVSS6.4AI score0.00842EPSS
Exploits1References2
NVD
NVD
added 2020/09/01 5:15 p.m.26 views

CVE-2020-23831

A Reflected Cross-Site Scripting XSS vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials...

6.4CVSS6.1AI score0.00842EPSS
Exploits1References2
Prion
Prion
added 2020/09/01 5:15 p.m.21 views

Cross site scripting

A Reflected Cross-Site Scripting XSS vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials...

4.3CVSS6.1AI score0.00842EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder