31 matches found
EUVD-2023-30567
Malicious code in bioql PyPI...
EUVD-2023-12983
Malicious code in bioql PyPI...
EUVD-2023-43865
Malicious code in bioql PyPI...
EUVD-2023-30566
Malicious code in bioql PyPI...
CVE-2023-27150
openCRX 5.2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name field after creation of a Tracker in Manage Activity...
CVE-2023-26773
Cross Site Scripting vulnerability found in Sales Tracker Management System v.1.0 allows a remote attacker to gain privileges via the product list function in the Master.php file...
CVE-2023-1983
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/products/manageproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to s...
CVE-2023-3184
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=save. The manipulation of the argument firstname/middlename/lastname/username leads to cross sit...
SQL injection
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/products/manageproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to s...
Cross site scripting
Cross Site Scripting vulnerability found in Sales Tracker Management System v.1.0 allows a remote attacker to gain privileges via the product list function in the Master.php file...
CVE-2023-26774
An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sales.php component of the admin/reports endpoint...
CVE-2023-26773
CVE-2023-26773 is a cross-site scripting (XSS) vulnerability in Sales Tracker Management System v1.0, exploitable via the Master.php product list function. The weakness allows a remote attacker to gain privileges through crafted input, with CVSS 3.1 metrics indicating network access, no privilege...
CVE-2023-26774
CVE-2023-26774 affects Sales Tracker Management System v1.0. The vulnerability is described as an insecure direct object reference in the admin/reports endpoint, allowing a remote attacker to access sensitive information via the sales.php component. The issue is evidenced across multiple sources ...
Sales Tracker Management System 1.0 Cross Site Scripting
Exploit Title: Sales Tracker Management System v1.0 - One click account takeover XSS Exploit Author: Achuth V P retrymp3 Date: February 08, 2023 CVE: CVE-2023-26773 Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software...
Sales Tracker Management System 1.0 Cross Site Scripting
Exploit Title: Sales Tracker Management System - Cross Site Scripting Vulnerability Authenticated Date: 23/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link:...
CVE-2023-1292
A vulnerability has been found in SourceCodester Sales Tracker Management System 1.0 and classified as critical. This vulnerability affects the function deleteclient of the file classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. T...
SQL injection
A vulnerability, which was classified as critical, was found in SourceCodester Sales Tracker Management System 1.0. This affects an unknown part of the file admin/clients/manageclient.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...