Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sales & Company Management System Security Vulnerabilities

cve
cve

CVE-2018-19654

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a dupl...

7.5CVSS

7.4AI Score

0.001EPSS

2018-11-29 05:29 AM
21
cve
cve

CVE-2018-19923

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is member/member_email.php?action=edit CSRF.

8.8CVSS

8.6AI Score

0.001EPSS

2018-12-06 11:29 PM
20
cve
cve

CVE-2018-19924

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address.

6.1CVSS

6AI Score

0.001EPSS

2018-12-06 11:29 PM
21
cve
cve

CVE-2018-19925

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter.

9.8CVSS

9.7AI Score

0.002EPSS

2018-12-06 11:29 PM
27