Lucene search
K
Simple Cold Storage Management System ProjectSimple Cold Storage Managment System

4 matches found

CVE
CVE
added 2022/10/28 12:0 a.m.51 views

CVE-2022-43230

CVE-2022-43230 affects Simple Cold Storage Management System v1.0. The vulnerability is an SQL injection in the id parameter of /admin/?page=bookings/view_details. The attached metrics indicate CVSS v3.1 base score 7.2 (HIGH) with Network attack vector, Low attack complexity, Privileges required ...

7.2CVSS7.2AI score0.00804EPSS
Web
CVE
CVE
added 2022/10/11 12:0 a.m.48 views

CVE-2022-42230

CVE-2022-42230 affects Simple Cold Storage Management System v1.0. The vulnerability is a SQL Injection in the web API endpoint at /csms/admin/?page=user/manage_user&id= (id parameter), reported across multiple feeds. The advisory data from connected documents indicate a potential PoC exists and ...

7.2CVSS7.4AI score0.00617EPSS
Web
CVE
CVE
added 2022/10/28 12:0 a.m.45 views

CVE-2022-43229

CVE-2022-43229 pertains to a SQL injection vulnerability in Simple Cold Storage Management System v1.0, exploitable via the id parameter on the /bookings/update_status.php endpoint. The root cause is unauthenticated/non-validated input being used in a SQL query, enabling an attacker to view, modi...

7.2CVSS7.2AI score0.01066EPSS
Web
CVE
CVE
added 2021/12/21 11:23 a.m.41 views

CVE-2021-45253

The CVE-2021-45253 entry concerns Simple Cold Storage Management System 1.0. The vulnerability is in the id parameter of view_storage.php, allowing SQL injection. A payload injected a SQL sub-query invoking MySQL load_file with a UNC path referencing an external URL, and the application interacte...

9.8CVSS9.6AI score0.01239EPSS