Lucene search
K
JanobeInventory Management System

7 matches found

CVE
CVE
added 2025/11/16 3:32 a.m.20 views

CVE-2025-13235

Mode C: This CVE concerns itsourcecode Inventory Management System 1.0. The vulnerability exists in the /admin/login.php file, where manipulating the user_email parameter can trigger SQL injection. It is exploitable remotely and has publicly disclosed exploits. Connected documents corroborate a S...

9.8CVSS7.3AI score0.00346EPSS
Web
CVE
CVE
added 2025/11/16 2:32 a.m.18 views

CVE-2025-13233

CVE-2025-13233 affects itsourcecode Inventory Management System 1.0. The vulnerable element is the file /index.php?q=single-item where manipulation of the ID parameter enables SQL injection. The issue can be exploited remotely and the exploit has been disclosed publicly. Available details indicat...

9.8CVSS7.1AI score0.00346EPSS
CVE
CVE
added 2025/11/15 7:2 p.m.17 views

CVE-2025-13210

The CVE-2025-13210 issue affects itsourcecode Inventory Management System 1.0. The vulnerability resides in the PROMODEL parameter of /admin/products/index.php?view=add, where improper handling enables SQL injection. This can be exploited remotely and an exploit has been publicly disclosed. Multi...

9.8CVSS5.2AI score0.0031EPSS
Web
CVE
CVE
added 2025/11/17 1:32 a.m.17 views

CVE-2025-13257

CVE-2025-13257 affects itsourcecode Inventory Management System 1.0, with the vulnerable element in /admin/user/index.php?view=edit. The issue is an SQL injection caused by manipulation of the ID parameter, exploitable remotely. Public exploits have been disclosed. Documented impact indicates hig...

9.8CVSS6.7AI score0.00346EPSS
Web
CVE
CVE
added 2025/11/16 4:2 a.m.16 views

CVE-2025-13236

Affected software: itsourcecode Inventory Management System 1.0. Vulnerability: SQL injection arising from improper handling of the ID parameter in the file /admin/products/index.php?view=edit. Where: The vulnerability is triggered via the index.php?view=edit path under the admin/products directo...

9.8CVSS6.4AI score0.00289EPSS
Web
CVE
CVE
added 2025/11/16 3:2 a.m.13 views

CVE-2025-13234

The CVE-2025-13234 affects itsourcecode Inventory Management System 1.0, with a SQL injection flaw in the PROID parameter of /index.php?q=product. Multiple sources confirm remote exploitation and a publicly released exploit. Remediation is not detailed in the initial document beyond recommending ...

9.8CVSS6.4AI score0.00289EPSS
CVE
CVE
added 2025/11/16 5:2 a.m.12 views

CVE-2025-13237

Summary: CVE-2025-13237 affects itsourcecode Inventory Management System 1.0. Affected component is the /LogSignModal.PHP file, where improper handling of the U_USERNAME parameter enables a SQL injection. The vulnerability can be exploited remotely and, according to connected sources, the exploit...

9.8CVSS7.3AI score0.00342EPSS