Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component.
5.4CVSS
5.4AI Score
0.0005EPSS
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component.
5.5CVSS
6.3AI Score
0.0004EPSS
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary SQL commands via the id paramter in the deleteProduct.php component.
7.8CVSS
7.9AI Score
0.0004EPSS