Stock Management System Security Vulnerabilities and Issues — Stock Management System CVE List

Lucene search

Stock Management System ProjectStock Management System

10 matches found

CVE•added 2024/06/06 1:15 p.m.•68 views

CVE-2024-36779

Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php.

9.8CVSS8.4AI score0.00072EPSS

CVE•added 2022/01/31 6:15 p.m.•45 views

CVE-2021-44114

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function.

4.8CVSS5.6AI score0.00318EPSS

CVE•added 2022/11/24 10:15 a.m.•43 views

CVE-2022-4088

A vulnerability was found in rickxy Stock Management System and classified as critical. Affected by this issue is some unknown functionality of the file /pages/processlogin.php. The manipulation of the argument user/password leads to sql injection. The attack may be launched remotely. The exploit h...

9.8CVSS8.8AI score0.00045EPSS

CVE•added 2022/11/24 10:15 a.m.•41 views

CVE-2022-4089

A vulnerability was found in rickxy Stock Management System. It has been declared as problematic. This vulnerability affects unknown code of the file /pages/processlogin.php. The manipulation of the argument user leads to cross site scripting. The attack can be initiated remotely. The exploit has b...

5.4CVSS4.8AI score0.00089EPSS

CVE•added 2022/11/24 1:15 p.m.•38 views

CVE-2022-4090

A vulnerability was found in rickxy Stock Management System and classified as problematic. This issue affects some unknown processing of the file us_transac.php?action=add. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to ...

8.8CVSS6.6AI score0.00046EPSS

CVE•added 2020/09/09 2:15 p.m.•30 views

CVE-2020-24197

A SQL injection vulnerability in the login component in Stock Management System v1.0 allows remote attacker to execute arbitrary SQL commands via the username parameter.

9.8CVSS9.9AI score0.00513EPSS

CVE•added 2024/02/05 9:15 p.m.•27 views

CVE-2023-51951

SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file.

9.8CVSS9.8AI score0.02604EPSS

CVE•added 2020/09/01 5:15 p.m.•25 views

CVE-2020-23831

A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials.

6.4CVSS6.1AI score0.00486EPSS

CVE•added 2020/09/02 5:15 p.m.•23 views

CVE-2020-23830

A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site.

7.1CVSS6.9AI score0.00167EPSS

CVE•added 2020/09/09 3:15 p.m.•22 views

CVE-2020-24198

A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.'

6.1CVSS6AI score0.00285EPSS