2 matches found
CVE-2023-51813
Cross Site Request Forgery CSRF vulnerability in Free Open-Source Inventory Management System v.1.0 allows a remote attacker to execute arbitrary code via the stafflist parameter in the index.php component...
CVE-2022-31340
CVE-2022-31340 affects Simple Inventory System v1.0 and is due to a SQL Injection vulnerability in /inventory/table_edit_ajax.php. The Red Hat, CNVD, CNNVD and other feeds corroborate a SQLi issue in this exact path/component. CVSS data indicate a high-severity impact (high confidentiality, integ...