12 matches found
EUVD-2023-29928
Malicious code in bioql PyPI...
EUVD-2024-42543
Malicious code in bioql PyPI...
CVE-2023-39707
A stored cross-site scripting XSS vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section...
CVE-2023-39709
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section...
CVE-2023-51813
CVE-2023-51813 describes a CSRF vulnerability in the Free Open-Source Inventory Management System v1.0. The issue arises via the staff_list parameter in the index.php component, allowing a remote attacker to execute arbitrary code. The available documents do not specify affected build details bey...
CVE-2023-39711
Technical details about CVE-2023-39711 are not publicly available in the provided connected documents. Monitor for updates from sources in this dataset for affected products, impact, and fixes.
PT-2023-27082 · Unknown · Free/Open Source Inventory Management System
Name of the Vulnerable Software and Affected Versions: Free and Open Source Inventory Management System version 1.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Name, Address, and Company parameters under the "Add Custome...
CVE-2023-39709
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section...
CVE-2023-39709
CVE-2023-39709 affects Free and Open Source Inventory Management System v1.0. The issue is multiple cross-site scripting (XSS) vulnerabilities that allow attackers to inject arbitrary web scripts via the Name, Address, and Company fields in the Add Member section. The CVSS v3.1 base score is 6.1 ...
CVE-2023-39708
CVE-2023-39708 corresponds to a stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0. The issue arises from injecting arbitrary web scripts/HTML via the Add New parameter under the New Buy section. Affected component is the web application; the ...
CVE-2023-39707
CVE-2023-39707 concerns a stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0, allowing an attacker to inject arbitrary web scripts via the Add Expense field under Expense. The issue is tied to how input is handled in that parameter, enabling s...
PT-2023-27078 · Unknown · Free/Open Source Inventory Management System
Name of the Vulnerable Software and Affected Versions: Free and Open Source Inventory Management System version 1.0 Description: A stored cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter...