Lucene search
K
Microfinance Management System ProjectMicrofinance Management System

4 matches found

CVE
CVE
added 2022/04/19 12:32 p.m.90 views

CVE-2022-27927

CVE-2022-27927 affects Microfinance Management System 1.0 in which SQL injection is possible when MySQL is used as the application database. The vulnerable inputs are the course_code and/or customer_number parameters, through which an attacker can issue arbitrary SQL commands to the backend datab...

9.8CVSS9.7AI score0.1363EPSS
Web
CVE
CVE
added 2022/03/29 5:50 a.m.87 views

CVE-2022-1082

CVE-2022-1082 affects SourceCodester Microfinance Management System 1.0, specifically the login page file /mims/login.php. The vulnerability is a SQL injection caused by manipulation of the username/password input using the payload '||1=1#', which may be exploited remotely. The issue has been des...

9.8CVSS8.8AI score0.00912EPSS
Web
CVE
CVE
added 2022/03/29 5:50 a.m.72 views

CVE-2022-1083

The CVE-2022-1083 entry affects Microfinance Management System and is supported by multiple connected records describing a SQL injection vulnerability. The root cause is lack of validation/escaping for external input in parameters: customer_type_number, account_number, account_status_number, and ...

9.8CVSS8.8AI score0.00912EPSS
CVE
CVE
added 2022/03/29 5:50 a.m.59 views

CVE-2022-1081

The CVE-2022-1081 entry concerns SourceCodester Microfinance Management System 1.0. A cross-site scripting vulnerability exists in /mims/app/addcustomerHandler.php, caused by improper handling of first_name, middle_name, and surname inputs. The issue allows remote initiation of an XSS attack, wit...

6.1CVSS5AI score0.00675EPSS
Web