5 matches found
CVE-2023-1130
CVE-2023-1130 affects SourceCodester Computer Parts Sales and Inventory System 1.0, specifically the vulnerable part within the file processlogin . The root cause is improper handling of the user parameter, enabling SQL injection . This can be exploited remotely and, according to the sources, the...
CVE-2023-1179
CVE-2023-1179 affects SourceCodester Computer Parts Sales and Inventory System 1.0. The vulnerability exists in the Add Supplier Handler where manipulating the arguments company_name, province, city, or phone_number can lead to cross-site scripting. Exploitation is possible remotely and, per sour...
CVE-2023-1131
CVE-2023-1131 affects the SourceCodester Computer Parts Sales and Inventory System 1.0. The vulnerability is a cross-site scripting flaw in the file customer.php , triggered by manipulating the arguments FIRST_NAME/LAST_NAME/PHONE_NUMBER . It can be exploited remotely, and the exploit has been di...
CVE-2023-1351
CVE-2023-1351 affects SourceCodester Computer Parts Sales and Inventory System 1.0, with a SQL injection in the file cust_transac.php via the phonenumber parameter. The vulnerability can be exploited remotely and exploits have been publicly disclosed. Remediation guidance across sources includes ...
CVE-2023-1363
CVE-2023-1363 affects SourceCodester Computer Parts Sales and Inventory System 1.0. Affected component: Add User Account. The vulnerability arises from manipulating the username argument, triggering cross-site scripting that can be exploited remotely. Multiple sources confirm the issue and note t...