579 matches found
CVE-2026-13570
A vulnerability was detected in SourceCodester Inventory Management System 1.0. Impacted is an unknown function of the file /api/usershandler.php of the component User Registration Endpoint. Performing a manipulation of the argument fullname results in cross site scripting. The attack is possible...
CVE-2026-13570
The CVE-2026-13570 entry concerns SourceCodester Inventory Management System 1.0 and affects the User Registration Endpoint, specifically the /api/users_handler.php function where manipulating the full_name parameter leads to cross-site scripting. The vulnerability is exploitable remotely, with p...
CVE-2026-13568
Affected product: SourceCodester Inventory Management System 1.0. Vulnerability: In the User Registration Endpoint, the /api/users_handler.php component mishandles the role argument, enabling improper access controls. This enables remote exploitation. Impact details (as stated): Remote exploitati...
CVE-2026-10172 Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload
A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...
CVE-2026-10155
A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accountsreportsearch of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDat...
CVE-2026-7070
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the...
CVE-2026-7070
CVE-2026-7070 affects code-projects Inventory Management System 1.0. The vulnerability is in an unknown function of the Login component, where manipulating the Username parameter can lead to a SQL injection. The attack can be launched remotely, and public exploits exist. Metrics from multiple sou...
CVE-2026-7070 code-projects Inventory Management System Login sql injection
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the...
EUVD-2026-25746
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the...
PT-2026-35281
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the...
UBUNTU-CVE-2026-22675
OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User-Agent HTTP headers to the /ocsinventory endpoint. Attackers can register rogue agents or craft...
EUVD-2026-8903
A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected is an unknown function of the component Administrative Interface. Such manipulation leads to execution after redirect. The attack may be launched remotely. The exploit has been...
CVE-Asp.Net-Core-Inventory-Order-Management-System-Advisories
CVE-Asp.Net-Core-Inventory-Order-Management-System-Advisories...
CVE-2022-35599
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode...
CVE-2023-4558
A vulnerability classified as critical was found in SourceCodester Inventory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file staffdata.php. The manipulation of the argument columns0data leads to sql injection. The attack can be launched remotely. The...
CVE-2023-4200
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file productdata.php.. The manipulation of the argument columns1data leads to sql injection. The attack can be initiated remotely. The exploi...
CVE-2023-4437
A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/searchsellpaymenreport.php. The manipulation of the argument customer leads to sql injection. It is possible to launch the attack...
CVE-2023-4201
A vulnerability was found in SourceCodester Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file excatagorydata.php. The manipulation of the argument columns1data leads to sql injection. The attack may be initiated remotely. The exploi...
CVE-2023-4438
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/ajax/searchsalesreport.php. The manipulation of the argument customer leads to sql injection. The attack can be...
CVE-2023-4557
A vulnerability classified as critical has been found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/searchpurchasepaymenreport.php. The manipulation of the argument customer leads to sql injection. It is possible to launch the attack...