Lucene search
+L
Oretnom23Stock Management System

8 matches found

CVE
CVE
added 2025/05/05 6:31 p.m.70 views

CVE-2025-4283

SourceCodester/oretnom23 Stock Management System 1.0 contains a SQL injection flaw in the login flow. The vulnerability specifically arises from manipulation of the Username parameter in /classes/Login.php?f=login, enabling remote exploitation. Public disclosures exist; CVSS metrics indicate high...

9.8CVSS7.5AI score0.00491EPSS
Web
CVE
CVE
added 2025/05/05 6:0 a.m.61 views

CVE-2025-4267

The CVE-2025-4267 entry affects SourceCodester/oretnom23 Stock Management System 1.0. The vulnerability resides in the Purchase Order Details Page, specifically /admin/?page=purchase_order/view_po, where manipulating the ID parameter enables SQL injection. It is exploitable remotely and has repor...

7.2CVSS5.3AI score0.00408EPSS
Web
CVE
CVE
added 2025/05/05 6:0 p.m.52 views

CVE-2025-4282

The CVE-2025-4282 entry affects SourceCodester/oretnom23 Stock Management System 1.0, specifically the /classes/Users.php?f=save handler. Multiple connected sources confirm a cross-site request forgery vulnerability that can be triggered remotely; exploitation is publicly disclosed. The vulnerabi...

8.8CVSS7AI score0.00285EPSS
CVE
CVE
added 2025/05/16 3:31 p.m.45 views

CVE-2025-4786

CVE-2025-4786 affects SourceCodester/oretnom23 Stock Management System 1.0. The issue is an SQL injection in the endpoint /admin/?page=return/view_return triggered by manipulating the ID parameter, with remote exploitation possible. Public disclosure exists and the vulnerability is classified as ...

8.8CVSS6.8AI score0.0042EPSS
Web
CVE
CVE
added 2025/05/16 4:0 p.m.45 views

CVE-2025-4787

CVE-2025-4787 affects SourceCodester/oretnom23 Stock Management System 1.0. The vulnerability is a SQL injection in the file /admin/?page=sales/view_sale caused by manipulating the ID parameter. It is exploitable remotely and several sources note that the exploit has been disclosed publicly. Evid...

8.8CVSS7.5AI score0.00405EPSS
Web
CVE
CVE
added 2025/05/16 7:0 p.m.42 views

CVE-2025-4806

CVE-2025-4806 affects SourceCodester/oretnom23 Stock Management System 1.0. The vulnerability is an SQL injection in the file path /admin/?page=back_order/view_bo caused by manipulation of the ID argument. It is exploitable remotely and publicly disclosed. Multiple connected sources confirm the i...

8.8CVSS6.7AI score0.00405EPSS
CVE
CVE
added 2025/05/19 2:0 p.m.41 views

CVE-2025-4935

CVE-2025-4935 affects SourceCodester Stock Management System 1.0. The vulnerability is a SQL injection in the file /php_action/changePassword.php triggered by manipulating the user_id parameter. The issue is exploitable remotely and has public exploit references in multiple sources. Several conne...

9.8CVSS7.5AI score0.00421EPSS
Web
CVE
CVE
added 2025/05/16 2:31 p.m.36 views

CVE-2025-4782

CVE-2025-4782 affects SourceCodester/oretnom23 Stock Management System 1.0. The vulnerability is an SQL injection in the endpoint /sms/admin/?page=receiving/view_receiving&id=1 where manipulating the id parameter can lead to remote exploitation. Multiple sources note that the exploit has been dis...

8.8CVSS6.8AI score0.0051EPSS
Web