5 matches found
CVE-2024-5101
CVE-2024-5101 affects SourceCodester Simple Inventory System v1.0, with a SQL injection in updateproduct.php triggered by the ITEM parameter. The issue allows remote exploitation and has been publicly disclosed; multiple sources corroborate the vulnerability. Root cause: input appended into SQL q...
CVE-2024-5097
CVE-2024-5097 affects SourceCodester Simple Inventory System 1.0. The vulnerability is a cross-site request forgery triggered by manipulating the itemnumber parameter in /tableedit.php#page=editprice, allowing remote exploitation. Several connected sources confirm the flaw and public disclosure o...
CVE-2024-5100
CVE-2024-5100 is a SQL injection in SourceCodester Simple Inventory System 1.0, affecting the file tableedit.php . The issue arises from improper handling of the from and to parameters, allowing an attacker to manipulate input values to execute arbitrary SQL. The vulnerability is exploitable remo...
CVE-2024-5098
SourceCodester Simple Inventory System 1.0 has a SQL injection vulnerability in login.php via the username parameter. The CVE-2024-5098 entry confirms an exploit has been disclosed. Several connected sources corroborate the issue and suggest updating to a newer version as the fix, and offer inter...
CVE-2024-5099
CVE-2024-5099 concerns SourceCodester Simple Inventory System 1.0. The vulnerability resides in the file updateprice.php , where manipulating the argument ITEM results in an SQL injection. The issue is exploitable remotely, and public exploit information has been disclosed. Several connected sour...