Lucene search
Sanitization Management System Project / Sanitization Management System

30 matches found

added 2022/11/11 12:00 a.m., 109 views

CVE-2022-3942

CVE-2022-3942 affects the SourceCodester Sanitization Management System, specifically the php-sms/?p=request_quote endpoint, where user input appears to be mishandled, enabling a cross-site scripting (XSS) condition. The vulnerability is described as exploitable remotely, with VDB-213449 cited. C...

CVSS 6.1, AI score 5.1, EPSS 0.00695
Web

added 2022/11/07 12:00 a.m., 65 views

CVE-2022-43350

CVE-2022-43350 affects Sanitization Management System v1.0. A SQL injection flaw exists via the id parameter in /php-sms/classes/Master.php?f=delete_inquiry. CVSSv3.1: 7.2 (HIGH) with Network attack, Low complexity, No user interaction. Impact: Confidentiality, Integrity, Availability are High. N...

CVSS 7.2, AI score 7.2, EPSS 0.00821
Web

added 2022/10/15 12:00 a.m., 63 views

CVE-2022-3518

CVE-2022-3518 affects SourceCodester Sanitization Management System 1.0, specifically the User Creation Handler. The vulnerability arises from manipulation of the arguments for the name fields (First Name, Middle Name, Last Name), leading to cross-site scripting (XSS). It is described as exploi...

CVSS 4.8, AI score 4.3, EPSS 0.00521

added 2022/11/30 12:00 a.m., 63 views

CVE-2022-44295

CVE-2022-44295 affects Sanitization Management System v1.0. The Connected documents and the Initial description consistently state a SQL Injection vulnerability exploitable via the endpoint /php-sms/admin/orders/assign_team.php?id=. They do not provide explicit root-cause details beyond the SQL i...

CVSS 7.2, AI score 7.4, EPSS 0.00726
Web

added 2022/10/26 12:00 a.m., 62 views

CVE-2022-3673

CVE-2022-3673 affects SourceCodester Sanitization Management System 1.0. The vulnerability is in an unknown function within /php-sms/classes/Master.php, where manipulation of the message argument leads to cross-site scripting. It is described as exploitable remotely. Multiple connected records co...

CVSS 6.1, AI score 4.9, EPSS 0.00328
Web

added 2022/12/30 12:00 a.m., 62 views

CVE-2022-44137

SourceCodester Sanitization Management System 1.0 is vulnerable to SQL Injection (CVE-2022-44137). Affected product: SourceCodester Sanitization Management System 1.0. Root cause: SQL Injection as stated in CVE. Impact per CVSSv3.1: High (7.2) with Confidentiality, Integrity, and Availability imp...

CVSS 7.2, AI score 7.1, EPSS 0.00821

added 2022/11/23 12:00 a.m., 62 views

CVE-2022-44278

CVE-2022-44278 affects Sanitization Management System v1.0. The vulnerability is a SQL Injection in the admin endpoint /php-sms/admin/?page=user/manage_user&id= (network attack surface; no user interaction required). Documented impact is high on confidentiality, integrity, and availability (CVE C...

CVSS 7.2, AI score 7.4, EPSS 0.00726
Web

added 2022/11/30 12:00 a.m., 61 views

CVE-2022-44296

Product: Sanitization Management System v1.0. Vulnerability: SQL Injection via /php-sms/admin/quotes/manage_remark.php?id= in the Quotes management remark endpoint. Root cause/vector: unsanitized input in the id parameter (SQLi). Impact (per CVSS): Confidentiality, Integrity, Availability each Hi...

CVSS 7.2, AI score 7.4, EPSS 0.00726
Web

added 2022/11/05 12:00 a.m., 60 views

CVE-2022-3868

CVE-2022-3868 affects the SourceCodester Sanitization Management System. A vulnerability in an unknown function of the file /php-sms/classes/Master.php?f=save_quote allows manipulation of the argument id, resulting in an SQL injection. This can be triggered remotely and the exploit has been publi...

CVSS 9.8, AI score 7.5, EPSS 0.00458
Web

added 2022/11/07 12:00 a.m., 57 views

CVE-2022-43351

CVE-2022-43351 affects the Sanitization Management System v1.0, with a vulnerability in the /classes/Master.php?f=delete_img path that allows arbitrary file deletion. The issue is described as an arbitrary file deletion vulnerability impacting integrity and availability. Connected sources provide...

CVSS 6.5, AI score 6.5, EPSS 0.00808
Web

added 2022/10/15 12:00 a.m., 56 views

CVE-2022-3519

SourceCodester Sanitization Management System 1.0 contains a cross-site scripting vulnerability in the Quote Requests Tab triggered by manipulating the Manage Remarks parameter. The issue can be exploited remotely; versions and specific affected files are not explicitly enumerated beyond the 1.0 ...

CVSS 6.1, AI score 4.8, EPSS 0.00335

added 2022/11/07 12:00 a.m., 56 views

CVE-2022-43352

CVE-2022-43352 concerns Sanitization Management System v1.0, with a reported SQL injection in the id parameter of the endpoint /php-sms/classes/Master.php?f=delete_quote. Affected component is the application’s quotes deletion path; root cause is unsafely constructed SQL that allows attacker-cont...

CVSS 7.2, AI score 7.2, EPSS 0.00821
Web

added 2022/12/07 12:00 a.m., 56 views

CVE-2022-44393

Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/view_service&id=. Root cause is unsafely handled id parameter in that endpoint. Impact per CVSS: high confidentiality, integrity, and availability, with network attack vector and no user interacti...

CVSS 7.2, AI score 7.4, EPSS 0.00821
Web

added 2022/10/26 12:00 a.m., 55 views

CVE-2022-3672

CVE-2022-3672 affects SourceCodester Sanitization Management System 1.0. The vulnerability is a cross-site scripting flaw in the handling of the name/shortname arguments within the file /php-sms/classes/SystemSettings.php, which can be triggered remotely. The accompanying documents consistently ...

CVSS 6.1, AI score 4.8, EPSS 0.00328
Web

added 2022/12/24 12:00 a.m., 55 views

CVE-2022-4726

CVE-2022-4726 affects SourceCodester Sanitization Management System 1.0. The vulnerability lies in the Admin Login functionality, where manipulation of the username/password parameters leads to SQL injection. The attack can be launched remotely. The available connected documents consistently desc...

CVSS 9.8, AI score 8.3, EPSS 0.00437

added 2022/10/26 12:00 a.m., 54 views

CVE-2022-3674

CVE-2022-3674 affects SourceCodester Sanitization Management System 1.0. Descriptions consistently cite a critical issue where manipulation leads to missing authentication, enabling remote attacks. Public technical details are not provided across connected documents; some sources indicate no avai...

CVSS 9.8, AI score 8.6, EPSS 0.00511

added 2022/11/01 12:00 a.m., 54 views

CVE-2022-43354

CVE-2022-43354 affects Sanitization Management System v1.0. The vulnerability is a SQL injection in the id parameter of the endpoint /admin/?page=orders/manage_request, as described in multiple sources. The CVE has a CVSS v3.1 base score of 7.2 (HIGH) with network attack vector, low attack comple...

CVSS 7.2, AI score 7.2, EPSS 0.00804
Web

added 2022/11/30 12:00 a.m., 54 views

CVE-2022-44294

CVE-2022-44294 affects Sanitization Management System v1.0. The provided documents describe a SQL Injection vulnerability exploitable via the endpoint /php-sms/admin/?page=services/manage_service&id=, stemming from unsanitized input in the id parameter. The CVSS metrics indicate a HIGH severity (...

CVSS 7.2, AI score 7.4, EPSS 0.00726
Web

added 2022/11/01 12:00 a.m., 52 views

CVE-2022-43353

CVE-2022-43353 concerns Sanitization Management System v1.0, which is vulnerable to a SQL injection via the id parameter in the endpoint /admin/?page=orders/view_order. The root cause is improper handling of the id input, enabling an attacker to craft queries that could affect confidentiality, in...

CVSS 7.2, AI score 7.2, EPSS 0.00804
Web

added 2022/11/01 12:00 a.m., 52 views

CVE-2022-43355

CVE-2022-43355 affects Sanitization Management System v1.0, where a SQL injection is reachable via the id parameter at /php-sms/classes/Master.php?f=delete_service. The primary document states a SQL injection vulnerability, with CVSS‑3.1 metrics: AV:N, AC:L, PR:H, UI:N, S:U, C:H, I:H, A:H, base s...

CVSS 7.2, AI score 7.2, EPSS 0.00821
Web

added 2022/12/02 12:00 a.m., 50 views

CVE-2022-44277

CVE-2022-44277 affects Sanitization Management System v1.0. The vulnerability is a SQL Injection in the endpoint /php-sms/classes/Master.php?f=delete_product, arising from improper sanitization in the application’s database queries. According to the incident data, the CVSSv3.1 base score is 7.2 (...

CVSS 7.2, AI score 7.4, EPSS 0.00726
Web

added 2022/12/02 12:00 a.m., 50 views

CVE-2022-44347

CVE-2022-44347 affects Sanitization Management System v1.0. The vulnerability is an SQL Injection in the web endpoint /php-sms/admin/?page=inquiries/view_inquiry&id= (parameter id). Multiple sources confirm the impact is high (CVSS 3.1: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) with potential data dis...

CVSS 7.2, AI score 7.4, EPSS 0.00726
Web

added 2022/11/14 12:00 a.m., 49 views

CVE-2022-3992

CVE-2022-3992 affects SourceCodester Sanitization Management System. The vulnerability is in an unknown functionality of the file admin/?page=system_info within the Banner Image Handler, enabling cross-site scripting. Attacks can be launched remotely; CVSS scores in the sources range from 6.1 (NV...

CVSS 6.1, AI score 4.8, EPSS 0.00468
Web

added 2022/11/28 12:00 a.m., 49 views

CVE-2022-45214

CVE-2022-45214: A cross-site scripting (XSS) vulnerability in Sanitization Management System v1.0.0 allows attacker-controlled scripts via a crafted payload injected into the username parameter at /php-sms/classes/Login.php. Affected component is the login API of Sanitization Management System 1...

CVSS 6.1, AI score 5.8, EPSS 0.00423
Web

added 2022/10/14 12:00 a.m., 48 views

CVE-2022-3504

The CVE-2022-3504 entry describes a SQL injection vulnerability in SourceCodester Sanitization Management System, triggered by manipulating the id parameter in the URL path /php-sms/?p=services/view_service. The issue is framed as critical with remote attack potential and the vulnerability affect...

CVSS 9.8, AI score 8.3, EPSS 0.00598
Web

added 2022/10/14 12:00 a.m., 47 views

CVE-2022-3505

CVE-2022-3505 affects SourceCodester Sanitization Management System. The vulnerability is a cross-site scripting flaw in an unknown function under /php-sms/admin/, caused by manipulation of the page parameter. It can be exploited remotely and the exploit has been disclosed publicly (per multiple ...

CVSS 5.4, AI score 4.4, EPSS 0.00468
Web

added 2022/12/02 12:00 a.m., 47 views

CVE-2022-44348

Sanitization Management System v1.0 is affected by a SQL injection vulnerability in the /php-sms/admin/orders/update_status.php?id= endpoint. The issue arises from unsafely handling the id parameter, enabling attacker-controlled SQL queries. Reported CVSS v3.1 base score 7.2 (HIGH) with network a...

CVSS 7.2, AI score 7.4, EPSS 0.00726
Web

added 2022/11/30 12:00 a.m., 46 views

CVE-2022-44151

CVE-2022-44151 affects Simple Inventory Management System v1.0. The vulnerability is a SQL Injection in the login endpoint (/ims/login.php), caused by improper handling of user input. This can lead to unauthorized access to data and potential total compromise, with the CVSS v3.1 base score of 9.8...

CVSS 9.8, AI score 9.7, EPSS 0.00853
Web

added 2022/11/30 12:00 a.m., 43 views

CVE-2022-44096

CVE-2022-44096 affects Sanitization Management System v1.0. The issue is due to hardcoded credentials in the system, enabling privilege escalation and admin-panel access. Multiple connected sources corroborate the vulnerability, including Red Hat and PT Security, which note credential leakage as ...

CVSS 9.8, AI score 9.6, EPSS 0.00764

added 2022/12/02 12:00 a.m., 40 views

CVE-2022-44345

CVE-2022-44345 affects the web application product Sanitization Management System v1.0. The vulnerability is a SQL Injection triggered through the endpoint /php-sms/admin/?page=quotes/view_quote&id=, where the unvalidated/unsafely processed id parameter enables injection. The CVSS 3.1 data in t...

CVSS 7.2, AI score 7.4, EPSS 0.00726
Web