14 matches found
CVE-2026-30575
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the inventory level...
EUVD-2026-10280
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file checksupplierdetails.php of the component POST Parameter Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attac...
CVE-2026-3754
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /addstock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...
CVE-2025-66417
GLPI is a free asset and IT management software package. From 11.0.0 and before 11.0.3, an unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 11.0.3...
EUVD-2018-6390
Malware in sbrugna...
EUVD-2021-28544
Malicious code in bioql PyPI...
PT-2024-16857 · Sourcecodester · Sourcecodester Online Eyewear Shop
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A vulnerability has been found in the Inventory Page component, specifically in the file /oews/classes/Master.php?f=save product. The manipulation of the brand argument leads to...
HPGO (=0.9.2), algebraics (>=0.1.2 <=0.2.0) +242 more potentially affected by unknown CVE via inventory (>=0.1.10 <=0.1.11)
inventory CARGO version =0.1.10, =0.1.2, =0.11.0, =0.2.0, =0.1.0, =0.6.0, =0.7.0, =0.6.0, =0.5.0, =0.6.0, =0.4.0, =0.6.0, =0.5.0, =0.15.3 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0058...
UBUNTU-CVE-2022-39371
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Script related HTML tags in assets inventory information are not properly neutralized. This issue has...
PT-2022-24937 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.4 Description: The issue concerns the improper neutralization of script related HTML tags in assets inventory information. This has been patched, and an upgrade is recommended. There are no known workarounds at thi...
Sourcecodester Medical Store Point SQL Injection Vulnerability
Sourcecodester Medical Store Point is a Sourcecodester open source application, a Pharmacy/Medical Store Point of Sale (POS) system. Pharmacy Medical Store and Sale Point suffers from a SQL injection vulnerability that originates from a blind time-based SQL injection attack performed on the Medical...
Microsoft Windows and Windows Server Information Disclosure Vulnerability (CNVD-2021-34486)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. The codec inventory in Microsoft Windows and Windows Server is vulnerable to information...
Intel Integrated Performance Primitives Data Disclosure Vulnerability
Intel Integrated Performance Primitives (IPP) is a suite of programming tools for working with images, signal processing, and data from Intel Corporation USA. A security vulnerability exists in the password inventory in versions prior to Intel IPP 2019 update1. A local attacker can exploit the...
Cross site scripting
Cross-site scripting (XSS) vulnerability in index.php in PHP Inventory 1.2 allows remote attackers to inject arbitrary web script or HTML via the supid parameter in a suppliers details action...