Sales & Company Management System Security Vulnerabilities and Issues — Sales & Company Management System CVE List

Lucene search

Sales & Company Management System ProjectSales & Company Management System

4 matches found

CVE•added 2018/12/06 11:29 p.m.•32 views

CVE-2018-19925

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter.

9.8CVSS9.7AI score0.00264EPSS

CVE•added 2018/11/29 5:29 a.m.•26 views

CVE-2018-19654

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a dupl...

7.5CVSS7.4AI score0.00237EPSS

CVE•added 2018/12/06 11:29 p.m.•26 views

CVE-2018-19924

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address.

6.1CVSS6AI score0.0024EPSS

CVE•added 2018/12/06 11:29 p.m.•24 views

CVE-2018-19923

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is member/member_email.php?action=edit CSRF.

8.8CVSS8.6AI score0.00141EPSS