Lucene search
K
ArgieSimple Inventory System

5 matches found

CVE
CVE
added 2024/05/19 2:0 p.m.76 views

CVE-2024-5101

CVE-2024-5101 affects SourceCodester Simple Inventory System v1.0, with a SQL injection in updateproduct.php triggered by the ITEM parameter. The issue allows remote exploitation and has been publicly disclosed; multiple sources corroborate the vulnerability. Root cause: input appended into SQL q...

8.8CVSS7.5AI score0.00614EPSS
CVE
CVE
added 2024/05/19 3:0 a.m.63 views

CVE-2024-5097

CVE-2024-5097 affects SourceCodester Simple Inventory System 1.0. The vulnerability is a cross-site request forgery triggered by manipulating the itemnumber parameter in /tableedit.php#page=editprice, allowing remote exploitation. Several connected sources confirm the flaw and public disclosure o...

6.9CVSS6.7AI score0.00373EPSS
CVE
CVE
added 2024/05/19 11:31 a.m.60 views

CVE-2024-5100

CVE-2024-5100 is a SQL injection in SourceCodester Simple Inventory System 1.0, affecting the file tableedit.php . The issue arises from improper handling of the from and to parameters, allowing an attacker to manipulate input values to execute arbitrary SQL. The vulnerability is exploitable remo...

6.5CVSS7.3AI score0.0049EPSS
Web
CVE
CVE
added 2024/05/19 6:0 a.m.52 views

CVE-2024-5098

SourceCodester Simple Inventory System 1.0 has a SQL injection vulnerability in login.php via the username parameter. The CVE-2024-5098 entry confirms an exploit has been disclosed. Several connected sources corroborate the issue and suggest updating to a newer version as the fix, and offer inter...

6.5CVSS7.3AI score0.00484EPSS
CVE
CVE
added 2024/05/19 8:0 a.m.52 views

CVE-2024-5099

CVE-2024-5099 concerns SourceCodester Simple Inventory System 1.0. The vulnerability resides in the file updateprice.php , where manipulating the argument ITEM results in an SQL injection. The issue is exploitable remotely, and public exploit information has been disclosed. Several connected sour...

6.5CVSS7.3AI score0.0049EPSS